Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cpu/mcafee issues


  • This topic is locked This topic is locked
8 replies to this topic

#1 benjola2

benjola2

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:28 PM

Posted 14 August 2010 - 09:19 PM

Referred from here: http://www.bleepingcomputer.com/forums/t/339099/mcafeecpu-issues/ ~ OB


so lately i've noticed that either firefox or some other program is not dumping it's unused memory after it is done with it resulting in my cpu usage to be at 100% almost constantly. also mcafee realtime protection keeps turning it's self off .


os: windows 7 ultimate
ram:2.87 GB
system type:32 bit
CPU:AMD sempron processor LE-1250 2.20 GHZ


Mbam log:Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4420

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8/12/2010 5:51:05 AM
mbam-log-2010-08-12 (05-51-05).txt

Scan type: Full scan (C:|D:|O:|)
Objects scanned: 240109
Time elapsed: 32 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 10
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOTCLSID{86c5840b-80c4-4c30-a655-37344a542009} (Adware.Hotbar) -> No action taken.
HKEY_CLASSES_ROOTCLSID{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{d95c7240-0282-4c01-93f5-673bca03da86} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{a3e67daa-da01-4da5-98be-3088b554a11e} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USERSOFTWAREAppDataLowHavingFunOnline (Adware.BHO.FL) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerMainStart Page (Hijack.StartPage) -> Bad: (http://bing.zugo.com/?cfg=2-76-0-pcA1
) Good: (http://www.google.com) -> No action taken.

Folders Infected:
C:Program FilesFLV Direct Player (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLV (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskin (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskinButton (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskinComboBox (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskinMenu (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskinSysButton (Adware.BHO.FL) -> No action taken.
C:Program FilesFLV Direct PlayerSkinDirectFLVskinWindow (Adware.BHO.FL) -> No action taken.
C:ProgramDataMicrosoftWindowsStart MenuProgramsFLV Direct Player (Adware.FLVPlayer) -> No action taken.
C:RECYCLERS-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Agent) -> No action taken.

Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/12/2010 at 06:41 PM

Application Version : 4.41.1000

Core Rules Database Version : 5351
Trace Rules Database Version: 3163

Scan type : Complete Scan
Total Scan Time : 01:12:04

Memory items scanned : 627
Memory threats detected : 0
Registry items scanned : 8980
Registry threats detected : 0
File items scanned : 104369
File threats detected : 246

Adware.Tracking Cookie
.doubleclick.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ads.gamersmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ads.gamersmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.collective-media.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.imrworldwide.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.eyewonder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.eyewonder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.specificmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.netporn.nl [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.netporn.nl [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.advertiseyourgame.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.advertiseyourgame.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.server.cpmstar.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornimghost.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornimghost.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.yieldmanager.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.chitika.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.interclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.a1.interclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.a1.interclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.a1.interclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pointroll.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
dc.tremormedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.interclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pointroll.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.invitemedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ads.adultadvertising.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pubads.g.doubleclick.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
rts.pgmediaserve.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornhub.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornhub.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.pornhub.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.pornhub.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.andomedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.megaporn.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.megaporn.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornfuze.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornfuze.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.myporndiary.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.myporndiary.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.myporndiary.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.usenext.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
count.rbc.ru [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.yourdailymedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.yourdailymedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.yourdailymedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.world-sex-records.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.world-sex-records.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tour.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tour.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tour.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tour.bleepeduphentai.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.widget.pornwave.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.widget.pornwave.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
advertising.sheknows.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lockedonmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.yourdailymedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.allsexguide.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.allsexguide.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.game-advertising-online.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
optimize.indieclick.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bonniercorp.122.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.elitefreeware.blogspot.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.elitefreeware.blogspot.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.associatedcontent.112.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ie-stat.bmmetrix.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.tradedoubler.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.stat.youku.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
bobsworldwidediscounts.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
bobsworldwidediscounts.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.serving-sys.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
user-activity-tracking.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornrabbit.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornrabbit.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
8tracks.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.hardwarezone.com.sg [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.hardwarezone.com.sg [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
imagevenue.advertserve.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
imagevenue.advertserve.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.surveymonkey.122.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.gvsmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.gvsmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.24porn7.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.24porn7.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.the-sex.us [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ads.sexinyourcity.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ads.sexinyourcity.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.xxxprivates.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.xxxprivates.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornyfico.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.pornyfico.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adultadworld.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.pornyfico.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
ad3.clickhype.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.mediafire.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.mediafire.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.mediafire.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicksor.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicksor.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicksor.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicksor.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicksor.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.crackle.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
stats.buildtraffic.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ipostnaked.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ipostnaked.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lfstmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lfstmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lfstmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.smileycentral.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.smileycentral.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.smileycentral.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
rotator.hadj7.adjuggler.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
rotator.hadj7.adjuggler.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.media6degrees.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
clicktorrent.info [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
clicktorrent.info [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
d.mediadakine.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.mediadakine.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.adbrite.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.cracked.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.cracked.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.cracked.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.atdmt.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.atdmt.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.movies-finder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.movies-finder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.movies-finder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.movies-finder.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
traffic.tcmagnet.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.atdmt.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.lucidmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
adserver.adpredictive.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.atdmt.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.atdmt.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ad.velmedia.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.ad.velmedia.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.velmedia.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
d.mediadakine.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
d.mediadakine.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.waterfrontmedia.112.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.httrack.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.httrack.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
stats.aatrk.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.clicker.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicker.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.clicker.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.clicker.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.naiadsystems.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
pluckit.demandmedia.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
click2go.org [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.linktrack66.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
www.pixeltrack66.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.king-xxx.blogspot.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.king-xxx.blogspot.com [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.gettyimages.122.2o7.net [ C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\cookies.sqlite ]
.doubleclick.net [ C:\Windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\sgdebinr.default\cookies.sqlite ]
Go to the top of the page


+

OTL logfile created on: 8/14/2010 8:05:42 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\ben ld\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911.33 Gb Total Space | 674.35 Gb Free Space | 74.00% Space Free | Partition Type: NTFS
Drive D: | 536.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive O: | 20.18 Gb Total Space | 0.00 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Computer Name: BENLD-PC
Current User Name: ben ld
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Standard

========== Processes (All) ==========

PRC - [2010/08/14 20:04:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ben ld\Desktop\OTL.exe
PRC - [2010/08/04 13:18:12 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugin-container.exe
PRC - [2010/08/04 13:18:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe
PRC - [2010/07/19 12:50:45 | 002,403,568 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/06/24 22:32:44 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/02 19:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/14 12:50:14 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2010/04/13 20:11:16 | 003,045,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKstat.exe
PRC - [2010/03/12 18:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2009/12/05 11:37:28 | 003,121,760 | ---- | M] (SammSoft (www.sammsoft.com)) -- C:\Program Files\MemTurbo 4\MemTurbo.exe
PRC - [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009/07/13 20:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009/07/13 20:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009/07/13 20:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009/07/13 20:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009/07/13 20:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009/07/13 20:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009/07/13 20:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009/07/13 20:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2009/06/26 09:26:20 | 000,085,504 | ---- | M] (PC Pitstop LLC) -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
PRC - [2009/04/28 09:58:26 | 000,094,208 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdnserv.exe
PRC - [2009/01/29 10:43:55 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
PRC - [2009/01/29 10:43:53 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmsdmon.exe
PRC - [2008/02/27 18:07:26 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoms.exe
PRC - [2007/06/29 11:11:16 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe


========== Modules (All) ==========

MOD - [2010/08/14 20:04:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ben ld\Desktop\OTL.exe
MOD - [2010/07/27 09:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010/03/24 01:37:04 | 001,286,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009/12/08 06:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009/12/08 06:32:02 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009/12/05 11:37:28 | 000,047,104 | ---- | M] (SammSoft (www.sammsoft.com)) -- C:\Program Files\MemTurbo 4\cpurocket.dll
MOD - [2009/07/13 20:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009/07/13 20:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009/07/13 20:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009/07/13 20:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009/07/13 20:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009/07/13 20:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009/07/13 20:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009/07/13 20:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009/07/13 20:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009/07/13 20:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009/07/13 20:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009/07/13 20:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009/07/13 20:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009/07/13 20:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009/07/13 20:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 20:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009/07/13 20:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009/07/13 20:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009/07/13 20:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009/07/13 20:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009/07/13 20:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009/07/13 20:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009/07/13 20:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 20:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009/07/13 20:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009/07/13 20:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009/07/13 20:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009/07/13 20:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009/07/13 20:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009/07/13 20:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009/07/13 20:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 20:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009/07/13 20:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 20:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (All) ==========

SRV - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/05/09 04:13:45 | 000,556,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/04/14 12:50:14 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/31 00:42:29 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/12 18:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/09/27 17:47:00 | 000,215,656 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/08/20 13:34:04 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/07/13 20:16:21 | 001,912,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/07/13 20:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:21 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2009/07/13 20:16:20 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2009/07/13 20:16:20 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2009/07/13 20:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2009/07/13 20:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 20:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/07/13 20:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/07/13 20:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/07/13 20:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/07/13 20:16:18 | 001,086,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2009/07/13 20:16:18 | 000,462,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc) Windows Image Acquisition (WIA)
SRV - [2009/07/13 20:16:18 | 000,276,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2009/07/13 20:16:18 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2009/07/13 20:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 20:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009/07/13 20:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2009/07/13 20:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 20:16:17 | 000,294,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2009/07/13 20:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009/07/13 20:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2009/07/13 20:16:17 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\umrdp.dll -- (UmRdpService)
SRV - [2009/07/13 20:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009/07/13 20:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 001,169,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2009/07/13 20:16:15 | 000,543,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2009/07/13 20:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 20:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 20:16:15 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/13 20:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2009/07/13 20:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2009/07/13 20:16:15 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2009/07/13 20:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2009/07/13 20:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/13 20:16:13 | 000,743,424 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/07/13 20:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs) Remote Procedure Call (RPC)
SRV - [2009/07/13 20:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/07/13 20:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009/07/13 20:16:13 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/13 20:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/07/13 20:16:13 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2009/07/13 20:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2009/07/13 20:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 20:16:12 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/07/13 20:16:12 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2009/07/13 20:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009/07/13 20:16:12 | 000,285,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2009/07/13 20:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/07/13 20:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2009/07/13 20:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/07/13 20:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 20:16:03 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/13 20:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:41 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 20:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2009/07/13 20:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 20:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2009/07/13 20:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2009/07/13 20:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2009/07/13 20:15:35 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2009/07/13 20:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2009/07/13 20:15:33 | 000,497,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2009/07/13 20:15:33 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009/07/13 20:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) Internet Connection Sharing (ICS)
SRV - [2009/07/13 20:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2009/07/13 20:15:31 | 000,667,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2009/07/13 20:15:24 | 000,591,360 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2009/07/13 20:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 20:15:12 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/13 20:15:12 | 000,143,360 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2009/07/13 20:15:12 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:15:07 | 000,544,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cscsvc.dll -- (CscService)
SRV - [2009/07/13 20:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/07/13 20:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2009/07/13 20:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2009/07/13 20:15:00 | 000,102,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2009/07/13 20:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bthserv.dll -- (bthserv)
SRV - [2009/07/13 20:14:59 | 000,493,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/07/13 20:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 20:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/07/13 20:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2009/07/13 20:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2009/07/13 20:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2009/07/13 20:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/13 20:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009/07/13 20:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009/07/13 20:14:44 | 001,202,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbengine.exe -- (wbengine)
SRV - [2009/07/13 20:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/07/13 20:14:43 | 000,452,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2009/07/13 20:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2009/07/13 20:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/07/13 20:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2009/07/13 20:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2009/07/13 20:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009/07/13 20:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/07/13 20:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2009/07/13 20:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (VaultSvc)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/13 20:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\lsass.exe -- (EFS) Encrypting File System (EFS)
SRV - [2009/07/13 20:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator) Remote Procedure Call (RPC)
SRV - [2009/07/13 20:14:20 | 000,522,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FXSSVC.exe -- (Fax)
SRV - [2009/07/13 20:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 20:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2009/07/13 20:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/06/26 09:26:20 | 000,085,504 | ---- | M] (PC Pitstop LLC) [Auto | Running] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 16:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/06/10 16:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/06/10 16:14:02 | 000,878,416 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/04/28 09:58:26 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2009/04/15 09:56:30 | 000,271,760 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2009/03/25 15:01:30 | 000,441,344 | ---- | M] (Sammsoft) [On_Demand | Stopped] -- C:\Program Files\Hard Disk Tune-Up\HDTuneUpSrv.exe -- (Hard Disk Tune-Up)
SRV - [2008/02/27 18:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2007/06/29 11:11:16 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/07/28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (All) ==========

DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2010/06/21 21:47:35 | 000,310,784 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2010/06/21 21:47:21 | 000,307,200 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2010/06/21 21:47:13 | 000,113,664 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2010/06/14 01:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2010/06/14 01:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2010/03/12 18:41:16 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/02/27 02:32:26 | 000,221,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2010/02/27 02:32:12 | 000,095,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2010/02/27 02:32:05 | 000,123,392 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/10/23 23:00:07 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\usbhub.sys -- (usbhub)
DRV - [2009/10/23 22:58:55 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\usbehci.sys -- (usbehci)
DRV - [2009/10/09 21:57:31 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_sd.sys -- (sffp_sd)
DRV - [2009/10/01 23:06:59 | 000,728,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2009/09/27 23:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/26 00:58:35 | 000,194,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\fvevol.sys -- (fvevol)
DRV - [2009/07/13 20:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\clfs.sys -- (CLFS) Common Log (CLFS)
DRV - [2009/07/13 20:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2009/07/13 20:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 20:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 20:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 20:26:15 | 000,274,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2009/07/13 20:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 20:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 20:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 20:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 20:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\agp440.sys -- (agp440)
DRV - [2009/07/13 20:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2009/07/13 20:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdide.sys -- (amdide)
DRV - [2009/07/13 20:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 20:20:45 | 000,153,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pci.sys -- (pci)
DRV - [2009/07/13 20:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pciide.sys -- (pciide)
DRV - [2009/07/13 20:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2009/07/13 20:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)
DRV - [2009/07/13 20:20:44 | 000,186,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV - [2009/07/13 20:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 20:20:44 | 000,130,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\mpio.sys -- (mpio)
DRV - [2009/07/13 20:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 20:20:44 | 000,115,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msdsm.sys -- (msdsm)
DRV - [2009/07/13 20:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2009/07/13 20:20:44 | 000,078,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2009/07/13 20:20:44 | 000,056,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2009/07/13 20:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- (Mup)
DRV - [2009/07/13 20:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 20:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009/07/13 20:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009/07/13 20:20:44 | 000,027,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msahci.sys -- (msahci)
DRV - [2009/07/13 20:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\msisadrv.sys -- (msisadrv)
DRV - [2009/07/13 20:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 20:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 20:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 20:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 20:20:36 | 000,067,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/07/13 20:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 20:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2009/07/13 20:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009/07/13 20:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 20:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 20:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\intelide.sys -- (intelide)
DRV - [2009/07/13 20:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 20:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 20:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2009/07/13 20:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 20:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 20:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009/07/13 20:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\gagp30kx.sys -- (gagp30kx)
DRV - [2009/07/13 20:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 20:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 20:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2009/07/13 20:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/07/13 20:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 20:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\uliagpkx.sys -- (uliagpkx)
DRV - [2009/07/13 20:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wd.sys -- (Wd)
DRV - [2009/07/13 20:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 20:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\volsnap.sys -- (volsnap)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 20:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\uagp35.sys -- (uagp35)
DRV - [2009/07/13 20:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaagp.sys -- (viaagp)
DRV - [2009/07/13 20:19:10 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\volmgr.sys -- (volmgr)
DRV - [2009/07/13 20:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 20:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 20:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2009/07/13 20:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 20:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 20:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 20:19:04 | 000,085,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sbp2port.sys -- (sbp2port)
DRV - [2009/07/13 20:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 20:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 20:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 20:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 20:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)
DRV - [2009/07/13 20:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2009/07/13 20:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009/07/13 20:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 19:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 19:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009/07/13 19:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2009/07/13 19:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbscan.sys -- (usbscan)
DRV - [2009/07/13 19:02:58 | 000,133,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR)
DRV - [2009/07/13 19:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 19:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2009/07/13 19:01:51 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2009/07/13 19:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2009/07/13 19:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009/07/13 19:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2009/07/13 19:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2009/07/13 18:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009/07/13 18:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2009/07/13 18:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2009/07/13 18:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 18:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 18:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV - [2009/07/13 18:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/07/13 18:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2009/07/13 18:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009/07/13 18:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009/07/13 18:54:35 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2009/07/13 18:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2009/07/13 18:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009/07/13 18:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009/07/13 18:54:27 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/07/13 18:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009/07/13 18:54:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2009/07/13 18:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009/07/13 18:54:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/07/13 18:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009/07/13 18:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009/07/13 18:53:51 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2009/07/13 18:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 18:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV - [2009/07/13 18:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009/07/13 18:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009/07/13 18:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009/07/13 18:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009/07/13 18:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 18:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/07/13 18:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 18:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 18:51:53 | 000,146,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV - [2009/07/13 18:51:47 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2009/07/13 18:51:39 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2009/07/13 18:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 18:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bthmodem.sys -- (BTHMODEM)
DRV - [2009/07/13 18:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidbth.sys -- (HidBth)
DRV - [2009/07/13 18:51:31 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2009/07/13 18:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV - [2009/07/13 18:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/07/13 18:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2009/07/13 18:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV - [2009/07/13 18:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\circlass.sys -- (circlass)
DRV - [2009/07/13 18:51:14 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\usbohci.sys -- (usbohci)
DRV - [2009/07/13 18:51:10 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbuhci.sys -- (usbuhci)
DRV - [2009/07/13 18:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 18:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidir.sys -- (HidIr)
DRV - [2009/07/13 18:51:04 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2009/07/13 18:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/07/13 18:50:56 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2009/07/13 18:50:45 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2009/07/13 18:50:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2009/07/13 18:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 18:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wacompen.sys -- (WacomPen)
DRV - [2009/07/13 18:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sfloppy.sys -- (sfloppy)
DRV - [2009/07/13 18:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_mmc.sys -- (sffp_mmc)
DRV - [2009/07/13 18:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffdisk.sys -- (sffdisk)
DRV - [2009/07/13 18:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\fdc.sys -- (fdc)
DRV - [2009/07/13 18:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\flpydisk.sys -- (flpydisk)
DRV - [2009/07/13 18:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2009/07/13 18:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2009/07/13 18:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 18:45:09 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\kbdhid.sys -- (kbdhid)
DRV - [2009/07/13 18:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2009/07/13 18:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sermouse.sys -- (sermouse)
DRV - [2009/07/13 18:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2009/07/13 18:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2009/07/13 18:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2009/07/13 18:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2009/07/13 18:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2009/07/13 18:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 18:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 18:30:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\IPMIDrv.sys -- (IPMIDRV)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2009/07/13 18:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2009/07/13 18:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2009/07/13 18:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 18:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/07/13 18:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 18:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\errdev.sys -- (ErrDev)
DRV - [2009/07/13 18:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\CmBatt.sys -- (CmBatt)
DRV - [2009/07/13 18:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wmiacpi.sys -- (WmiAcpi)
DRV - [2009/07/13 18:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 18:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)
DRV - [2009/07/13 18:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2009/07/13 18:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2009/07/13 18:14:29 | 000,241,664 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2009/07/13 18:14:26 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2009/07/13 18:14:22 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2009/07/13 18:14:17 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009/07/13 18:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2009/07/13 18:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2009/07/13 18:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2009/07/13 18:12:59 | 000,513,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2009/07/13 18:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\afd.sys -- (AFD)
DRV - [2009/07/13 18:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2009/07/13 18:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2009/07/13 18:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2009/07/13 18:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2009/07/13 18:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2009/07/13 18:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2009/07/13 18:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2009/07/13 18:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2009/07/13 18:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2009/07/13 18:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2009/07/13 18:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\intelppm.sys -- (intelppm)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viac7.sys -- (ViaC7)
DRV - [2009/07/13 18:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\processr.sys -- (Processor)
DRV - [2009/07/13 17:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 17:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 17:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 17:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 17:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 17:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 17:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 17:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 17:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/07/13 15:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2008/03/22 16:37:20 | 000,113,896 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2007/08/09 20:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/06/29 11:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 05:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 05:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/06/20 05:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/06/19 08:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.shareazaweb.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.63
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.2

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/03/27 22:24:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/06/27 20:03:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 1\components [2010/08/07 19:28:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins [2010/08/04 13:18:23 | 000,000,000 | ---D | M]

[2010/03/27 22:28:09 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Extensions
[2010/03/27 13:53:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/26 05:23:21 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/08/14 00:03:45 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions
[2010/04/29 12:25:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/04 01:59:30 | 000,000,000 | ---D | M] (Page Title Eraser) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\{791DB184-BFBA-11DA-9C61-0638DF403F48}
[2010/04/15 22:41:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/04/04 01:51:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\{B347DFB4-AC21-11DD-9016-B77D55D89593}
[2010/07/11 00:55:01 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/27 22:28:09 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\elemhidehelper@adblockplus.org
[2010/08/11 23:08:00 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\keyscrambler@qfx.software.corporation
[2010/08/11 23:08:00 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\longurlplease@darragh.curran
[2010/08/11 23:08:00 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\optimizegoogle@optimizegoogle.com
[2010/08/04 14:18:17 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\s8rnm6hz.default\extensions\redirectcleaner@example.net
[2010/03/27 22:28:10 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\extensions
[2010/03/27 22:28:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010/03/27 22:28:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/03/27 22:28:10 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Mozilla\Firefox\Profiles\vwtd8quu.default\extensions\elemhidehelper@adblockplus.org
[2010/03/27 22:19:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/03/27 22:19:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2010/03/27 22:19:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/03/27 22:19:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2009/12/17 18:14:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/10/17 20:30:07 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/02/24 02:01:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/02/24 02:01:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/02/24 02:01:01 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/02/24 02:01:01 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/02/24 02:01:01 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/02/24 02:01:02 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/02/24 02:01:02 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IGMONObj Class) - {02464DDC-3187-11D8-8004-0020ED227566} - C:\Program Files\iGetter\Integration\IGMON.dll (Presenta Ltd.)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (CKeyScramblerBHO Object) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20100802234835.dll (McAfee, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (UrlHelper Class) - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [LGODDFU] C:\Program Files\lg_fwupdate\fwupdate.exe (BitLeader)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe ()
O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Google Update] C:\Users\ben ld\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk = C:\Program Files\MemTurbo 4\MemTurbo.exe (SammSoft (www.sammsoft.com))
O4 - Startup: C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Download all with iGetter - C:\Program Files\iGetter\Integration\igetall.html ()
O8 - Extra context menu item: Download with iGetter - C:\Program Files\iGetter\Integration\iget.html ()
O9 - Extra 'Tools' menuitem : &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCMaticVer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/01/29 10:28:46 | 000,000,247 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{836bc165-8cad-11df-a666-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{836bc165-8cad-11df-a666-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2009/01/29 10:43:49 | 000,307,880 | R--- | M] ( )
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 360 Days ==========

[2010/08/14 20:04:04 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\ben ld\Desktop\OTL.exe
[2010/08/14 20:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Lx_cats
[2010/08/14 19:56:49 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/08/14 19:49:02 | 000,000,000 | ---D | C] -- C:\logs
[2010/08/14 19:46:11 | 000,339,968 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMGMAN32.DLL
[2010/08/14 19:46:11 | 000,098,345 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IMHOST32.DLL
[2010/08/14 19:46:11 | 000,098,304 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XPNG.DEL
[2010/08/14 19:46:11 | 000,069,632 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31XTIF.DEL
[2010/08/14 19:46:11 | 000,049,152 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\System32\IM31IMG.DIL
[2010/08/14 19:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\FaxCtr
[2010/08/14 19:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Fax Solutions
[2010/08/14 19:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint
[2010/08/14 19:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2010/08/14 19:42:57 | 000,102,400 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\lxdnwupd.dll
[2010/08/14 19:42:57 | 000,017,064 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\lxdnwupd.exe
[2010/08/14 19:42:39 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll
[2010/08/14 19:42:39 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll
[2010/08/14 19:42:39 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll
[2010/08/14 19:42:38 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll
[2010/08/14 19:42:38 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll
[2010/08/14 19:42:37 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll
[2010/08/14 19:42:37 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll
[2010/08/14 19:42:37 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll
[2010/08/14 19:42:36 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll
[2010/08/14 19:42:36 | 000,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe
[2010/08/14 19:42:35 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lxdngf.dll
[2010/08/14 19:42:34 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll
[2010/08/14 19:42:34 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe
[2010/08/14 19:42:34 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll
[2010/08/14 19:42:34 | 000,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe
[2010/08/14 19:42:34 | 000,077,906 | ---- | C] (Lexmark International) -- C:\Windows\System32\LXDNcfg.dll
[2010/08/14 19:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 2600 Series
[2010/08/13 00:48:41 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Apps
[2010/08/12 23:39:30 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\SUPERAntiSpyware.com
[2010/08/12 23:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/12 23:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010/08/12 17:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/08/12 17:22:32 | 009,242,552 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\ben ld\Desktop\SUPERAntiSpyware.exe
[2010/08/12 17:16:46 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\ben ld\Desktop\TFC.exe
[2010/08/12 16:46:53 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/12 16:46:53 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/08/12 16:46:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/08/12 16:46:37 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/12 16:46:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/08/12 16:46:37 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/08/12 16:46:36 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/12 16:46:36 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/12 16:46:35 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/12 16:46:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/12 16:46:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/12 16:45:42 | 000,197,632 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\ir32_32.dll
[2010/08/12 16:45:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/12 04:53:13 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Malwarebytes
[2010/08/12 04:51:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/12 04:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/12 04:50:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/12 04:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/12 04:43:50 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ben ld\Desktop\mbam-setup.exe
[2010/08/12 03:56:32 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\vlc
[2010/08/11 23:45:20 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\McAfee
[2010/08/11 23:14:02 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/11 22:53:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\Power2Go
[2010/08/09 22:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/04 14:18:44 | 000,113,896 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2010/08/04 14:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2010/07/11 11:56:03 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Desktop\j2
[2010/07/11 01:38:26 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\OfficeRecovery
[2010/07/11 01:19:05 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010/07/11 01:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\DiskInternals
[2010/07/11 00:42:58 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Power2Go
[2010/07/09 01:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/07/04 14:47:48 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Desktop\diablo items
[2010/07/03 02:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\iGetter
[2010/07/02 17:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II
[2010/07/02 17:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/07/02 17:30:14 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\CyberLink
[2010/07/02 17:30:13 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Cyberlink
[2010/07/02 17:28:10 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\Youcam
[2010/07/02 17:25:27 | 000,000,000 | ---D | C] -- C:\Temp
[2010/07/02 17:23:41 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2010/07/02 17:23:41 | 000,102,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6KO.DLL
[2010/07/02 17:23:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemdisp.tlb
[2010/07/02 17:23:40 | 000,016,384 | ---- | C] (BitLeader) -- C:\Windows\System32\lgfwunis.exe
[2010/07/02 17:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\lg_fwupdate
[2010/07/02 17:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010/07/02 17:15:01 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\CyberLink
[2010/07/02 17:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/07/02 17:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/07/02 17:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/06/28 02:24:52 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
[2010/06/28 02:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/06/28 02:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\ViiKiiDesktopPlugin
[2010/06/28 02:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/06/28 02:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/06/28 02:24:08 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Adobe
[2010/06/27 20:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Diablo II.temp
[2010/06/27 20:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010/06/27 19:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfeeMOBK
[2010/06/27 19:57:45 | 000,054,776 | ---- | C] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
[2010/06/27 19:57:03 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010/06/27 19:56:27 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010/06/27 19:56:27 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010/06/27 19:56:27 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/06/27 19:56:27 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010/06/27 19:56:27 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010/06/27 19:56:27 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010/06/27 19:56:27 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/06/27 19:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/06/27 19:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/06/25 03:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/06/23 03:02:08 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/06/23 03:02:08 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/06/23 03:02:07 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/06/23 00:40:53 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/06/23 00:40:51 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/06/23 00:40:50 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/06/23 00:40:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/06/22 06:25:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/21 00:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\MemTurbo 4
[2010/06/20 23:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Disk Tune-Up
[2010/06/20 23:57:43 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Sammsoft
[2010/06/20 23:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Registry Optimizer
[2010/06/18 23:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Online Backup
[2010/06/18 15:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mcafee
[2010/06/18 15:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/06/18 15:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/06/15 19:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\Pure Networks
[2010/06/15 19:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
[2010/06/14 00:57:06 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\iGetter
[2010/06/13 01:31:06 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\My Games
[2010/06/13 01:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3
[2010/06/13 00:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/06/13 00:19:13 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/06/13 00:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Games
[2010/06/13 00:16:19 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/06/13 00:16:10 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/06/12 22:49:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/06/12 22:48:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/06/12 22:48:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/06/03 20:43:26 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\OpenOffice.org
[2010/06/03 20:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/05/31 17:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2010/05/31 02:30:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2010/05/31 02:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Games
[2010/05/31 02:12:01 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Microsoft Games
[2010/05/26 19:19:48 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Tracing
[2010/05/26 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/05/26 19:16:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/05/26 19:14:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/05/26 19:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2010/05/26 19:00:37 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/05/26 19:00:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/05/26 05:26:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/05/21 14:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/05/14 13:02:52 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\skypePM
[2010/05/14 12:59:34 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Skype
[2010/05/14 12:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/05/14 12:58:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/05/14 12:58:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/04/28 12:58:08 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/04/28 12:58:08 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010/04/26 17:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010/04/24 11:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010/04/24 11:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010/04/24 11:49:32 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll
[2010/04/24 11:49:32 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll
[2010/04/24 11:49:32 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll
[2010/04/24 11:49:32 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010/04/24 11:49:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2010/04/24 11:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010/04/24 11:48:47 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\ElevatedDiagnostics
[2010/04/14 12:50:14 | 000,385,880 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/04/14 12:50:14 | 000,095,568 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010/04/14 12:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\FileCure
[2010/04/13 15:55:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/06 02:20:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010/04/06 02:10:31 | 000,266,552 | ---- | C] (My Privacy Tools, Inc.) -- C:\Windows\System32\HMIPCore.dll
[2010/04/03 18:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/03 18:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/31 00:42:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/03/30 01:22:03 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\DivX
[2010/03/30 01:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/30 01:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/03/28 04:04:55 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/03/28 04:04:40 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/03/28 04:04:39 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/03/28 04:04:38 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/03/28 04:04:36 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/03/28 04:04:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/03/28 04:04:18 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/03/28 04:04:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/03/28 04:04:15 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/03/28 04:04:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/03/28 04:04:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/03/28 04:03:56 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/03/28 04:03:38 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/03/28 04:03:38 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/03/28 04:03:38 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/03/28 04:03:38 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/03/28 04:03:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/03/28 04:03:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/03/28 04:03:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/03/28 04:03:37 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/03/28 00:12:57 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/03/28 00:05:56 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2010/03/28 00:00:21 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2010/03/27 22:16:57 | 000,000,000 | --SD | C] -- C:\Users\ben ld\AppData\Roaming\Microsoft
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Videos
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Saved Games
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Pictures
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Music
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Links
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Favorites
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Downloads
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\My Documents
[2010/03/27 22:16:57 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Desktop
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\AppData\Local\Temporary Internet Files
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Templates
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Start Menu
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\SendTo
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Recent
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\PrintHood
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\NetHood
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Documents\My Videos
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Documents\My Pictures
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Documents\My Music
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\My Documents
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Local Settings
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\AppData\Local\History
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Cookies
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\Application Data
[2010/03/27 22:16:57 | 000,000,000 | -HSD | C] -- C:\Users\ben ld\AppData\Local\Application Data
[2010/03/27 22:16:57 | 000,000,000 | -H-D | C] -- C:\Users\ben ld\AppData
[2010/03/27 22:16:57 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Temp
[2010/03/27 22:16:57 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Microsoft
[2010/03/27 22:16:57 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Media Center Programs
[2010/03/27 22:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2010/03/27 22:13:55 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/03/27 21:57:58 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Diagnostics
[2010/03/27 21:51:43 | 000,000,000 | -H-D | C] -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/03/27 21:50:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/03/27 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Microsoft Corporation
[2010/03/23 23:04:55 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Trillian
[2010/03/23 23:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2010/03/22 04:02:06 | 000,000,000 | ---D | C] -- C:\ddace2f2e2528f086f7165d076bd
[2010/03/18 13:16:28 | 000,771,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100_clr0400.dll
[2010/03/12 18:41:16 | 000,677,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LCCoin32.dll
[2010/03/12 18:41:16 | 000,503,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LcProxy.ax
[2010/03/12 18:41:16 | 000,039,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nx6000res.dll
[2010/03/12 18:41:16 | 000,030,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\nx6000.sys
[2010/03/10 14:29:32 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2010/02/24 02:06:41 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Apple Computer
[2010/02/24 02:06:41 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Apple Computer
[2010/02/24 02:05:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/02/24 02:03:56 | 000,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/02/24 01:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/02/24 01:59:04 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Apple
[2010/02/24 01:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/02/24 01:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/02/20 03:04:21 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Threat Expert
[2010/02/19 14:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivX.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx0c.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx07.dll
[2010/02/19 14:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx0a.dll
[2010/02/19 14:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx16.dll
[2010/02/19 14:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx_xx11.dll
[2010/02/10 05:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/02/10 04:21:24 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Google
[2010/02/10 02:58:54 | 000,000,000 | ---D | C] -- C:\b9a630491943bdec98ca
[2010/02/10 02:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Veoh Networks
[2010/01/29 04:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Medkit
[2010/01/28 13:19:18 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/01/28 13:19:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/01/28 13:19:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/01/27 23:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/27 23:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/01/27 18:37:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/01/21 21:44:47 | 000,000,000 | ---D | C] -- C:\Di
[2010/01/21 21:43:04 | 000,000,000 | ---D | C] -- C:\Diablo1
[2010/01/21 21:42:37 | 000,000,000 | ---D | C] -- C:\Diablo
[2010/01/15 23:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/01/15 23:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/01/15 23:44:18 | 000,000,000 | ---D | C] -- C:\Users\ben ld\{32087b9a-bd43-4b64-83a5-488a768355e7}
[2010/01/15 23:42:58 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod178.dll
[2010/01/13 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\MailWasherPro
[2010/01/13 03:41:45 | 000,000,000 | ---D | C] -- C:\b33bf8dec78da79a1437bccc
[2010/01/07 19:15:38 | 001,084,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.002
[2010/01/07 19:15:38 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
[2010/01/07 19:15:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.003
[2010/01/07 19:15:37 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2010/01/06 01:44:15 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Desktop\desktop icons
[2010/01/05 01:54:31 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2009/12/27 16:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueCrypt
[2009/12/14 20:57:58 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Foxit Software
[2009/12/11 01:28:40 | 000,170,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod167.dll
[2009/12/10 04:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/12/09 16:55:28 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\PCPitstop
[2009/12/09 16:52:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2009/12/08 23:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2009/12/08 23:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2009/12/08 23:41:03 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2009/12/08 23:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/12/07 18:31:21 | 000,000,000 | ---D | C] -- C:\CreativesFiles
[2009/12/07 18:26:37 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\Shareaza
[2009/12/07 18:26:37 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\My Received Files
[2009/12/07 18:26:05 | 000,483,328 | ---- | C] (SoftShape Development) -- C:\Windows\System32\actskn45.ocx
[2009/12/07 18:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Shareaza Applications
[2009/12/07 17:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/03 01:01:43 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Shareaza
[2009/12/03 01:01:35 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Shareaza
[2009/12/03 01:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Shareaza
[2009/12/02 20:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2009/12/02 19:43:36 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\FrostWire
[2009/11/29 17:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2009/11/28 19:13:05 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Ares
[2009/11/27 21:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\Rosetta Stone
[2009/11/27 21:35:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RosettaStoneLtdBackup
[2009/11/27 21:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009/11/27 21:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/11/27 21:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2009/11/26 04:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3.6 Beta 1
[2009/11/20 04:29:13 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Uniblue
[2009/11/20 04:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2009/11/10 22:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\LeechGet 2009
[2009/11/03 00:59:07 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\dvdcss
[2009/10/26 05:26:37 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Incomplete
[2009/10/26 05:23:38 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\LimeWire
[2009/10/26 05:22:58 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\LimeWire
[2009/10/22 01:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2009/10/22 01:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2009/10/21 09:17:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/10/21 09:17:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/10/21 09:17:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/10/21 01:01:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/10/20 17:59:04 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoin.dll
[2009/10/20 03:48:02 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2009/10/20 03:47:54 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2009/10/20 03:47:51 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2009/10/20 03:47:51 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2009/10/20 03:47:37 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2009/10/20 03:47:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2009/10/19 01:00:20 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Sinner
[2009/10/19 01:00:20 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\ACAPsoft
[2009/10/19 00:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallerA
[2009/10/19 00:59:37 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\ACAPsoft
[2009/10/18 01:03:02 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009/10/18 01:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2009/10/18 00:19:57 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\Graboid
[2009/10/18 00:16:20 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Graboid_Inc
[2009/10/18 00:16:18 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\MozillaControl
[2009/10/18 00:16:18 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Graboid
[2009/10/18 00:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla ActiveX Control v1.7.12
[2009/10/18 00:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Graboid
[2009/10/17 20:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2009/10/17 20:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2009/10/17 20:30:34 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Foxit
[2009/10/17 20:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/10/14 04:39:07 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\WinRAR
[2009/10/14 04:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2009/10/14 01:18:45 | 000,000,000 | ---D | C] -- C:\RDesc
[2009/10/14 01:17:33 | 000,000,000 | ---D | C] -- C:\downloads
[2009/10/12 01:22:19 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Opera
[2009/10/12 01:22:18 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Opera
[2009/10/12 01:22:00 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2009/10/11 02:52:52 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\FFSJ
[2009/10/09 19:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2009/10/09 19:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/10/09 15:00:18 | 000,000,000 | ---D | C] -- C:\Users\ben ld\Documents\MT_09
[2009/10/05 19:24:21 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/10/02 03:25:54 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Media Player Classic
[2009/10/02 03:12:46 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009/10/02 03:12:46 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009/10/02 03:12:46 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009/10/02 03:12:46 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\System32\huffyuv.dll
[2009/10/02 03:12:45 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\System32\vp7vfw.dll
[2009/10/02 03:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/10/01 14:16:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/10/01 13:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/10/01 13:40:05 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/10/01 13:40:05 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/10/01 13:39:17 | 001,108,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2009/10/01 13:39:16 | 000,592,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2009/10/01 03:48:54 | 000,000,000 | -HSD | C] -- C:\Boot
[2009/10/01 03:43:00 | 000,000,000 | ---D | C] -- C:\Windows.old
[2009/10/01 03:31:04 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/10/01 03:23:00 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Macromedia
[2009/10/01 03:23:00 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Adobe
[2009/10/01 03:21:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2009/10/01 03:17:10 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Mozilla
[2009/10/01 03:17:10 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\Mozilla
[2009/10/01 03:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/10/01 03:15:38 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2009/10/01 03:15:38 | 000,505,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2009/10/01 03:15:38 | 000,353,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2009/10/01 03:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/10/01 03:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Grisoft
[2009/10/01 03:01:51 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Searches
[2009/10/01 03:01:42 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Roaming\Identities
[2009/10/01 03:01:40 | 000,000,000 | R--D | C] -- C:\Users\ben ld\Contacts
[2009/10/01 03:01:39 | 000,000,000 | ---D | C] -- C:\Users\ben ld\AppData\Local\VirtualStore
[2009/10/01 02:53:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/09/27 23:12:22 | 011,197,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2009/09/27 23:12:22 | 009,509,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2009/09/27 23:12:22 | 002,169,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2009/09/27 23:12:22 | 001,997,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2009/09/27 23:12:22 | 001,714,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2009/09/27 23:12:22 | 001,074,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2009/09/27 23:12:22 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2009/09/27 23:12:22 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2009/09/27 23:12:22 | 000,170,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2009/09/27 23:12:22 | 000,010,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2009/09/27 18:47:30 | 002,173,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2009/09/27 18:47:30 | 000,420,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2009/09/27 18:47:00 | 000,150,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2009/09/27 17:47:00 | 004,033,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvs.dll
[2009/09/27 17:47:00 | 003,553,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgames.dll
[2009/09/27 17:47:00 | 003,172,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwss.dll
[2009/09/27 17:47:00 | 001,309,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvs.dll
[2009/09/27 17:47:00 | 001,292,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmobls.dll
[2009/09/27 17:47:00 | 000,805,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2009/09/27 17:47:00 | 000,195,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccss.dll
[2009/09/27 17:47:00 | 000,092,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2009/09/27 17:46:00 | 013,949,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2009/09/27 17:46:00 | 004,942,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdisps.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]





========== Files - Modified Within 360 Days ==========

[2010/08/14 20:08:33 | 001,835,008 | ---- | M] () -- C:\Users\ben ld\ntuser.dat
[2010/08/14 20:04:08 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\ben ld\Desktop\OTL.exe
[2010/08/14 20:04:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000UA.job
[2010/08/14 19:59:31 | 000,009,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 19:59:31 | 000,009,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/14 19:49:04 | 000,085,023 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2010/08/14 19:45:20 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 2600 Series.LNK
[2010/08/14 02:04:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000Core.job
[2010/08/13 01:12:14 | 000,726,316 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/13 01:12:14 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/13 01:12:14 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/13 01:06:15 | 000,001,838 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2010/08/13 01:06:15 | 000,000,999 | ---- | M] () -- C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk
[2010/08/13 01:06:13 | 000,001,073 | ---- | M] () -- C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk
[2010/08/13 01:06:11 | 000,000,337 | ---- | M] () -- C:\Windows\lgfwup.ini
[2010/08/13 01:05:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/13 01:04:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/13 01:04:57 | 2314,903,552 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/13 01:02:53 | 001,817,742 | -H-- | M] () -- C:\Users\ben ld\AppData\Local\IconCache.db
[2010/08/12 23:39:22 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010/08/12 19:08:00 | 000,002,568 | ---- | M] () -- C:\Windows\MOBK.blk
[2010/08/12 19:08:00 | 000,000,296 | ---- | M] () -- C:\Windows\MOBK.flt
[2010/08/12 17:22:51 | 009,242,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\ben ld\Desktop\SUPERAntiSpyware.exe
[2010/08/12 17:16:49 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\ben ld\Desktop\TFC.exe
[2010/08/12 04:51:40 | 000,001,017 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/08/12 04:51:40 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/12 04:45:08 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ben ld\Desktop\mbam-setup.exe
[2010/08/12 03:55:40 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/12 03:02:49 | 000,301,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/11 23:09:07 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 23:09:07 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TM.blf
[2010/08/11 23:09:06 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 22:58:39 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 22:58:39 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 22:58:39 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TM.blf
[2010/08/11 22:51:56 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 22:51:56 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 22:51:56 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TM.blf
[2010/08/10 01:12:02 | 000,000,248 | ---- | M] () -- C:\Windows\system.ini
[2010/08/09 15:11:17 | 000,003,814 | ---- | M] () -- C:\Users\ben ld\Documents\cc_20100809_151107.reg
[2010/08/09 01:47:00 | 000,000,979 | ---- | M] () -- C:\Users\ben ld\Desktop\CCleaner.lnk
[2010/08/09 01:34:12 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/09 01:34:12 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 01:34:12 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TM.blf
[2010/08/09 01:32:56 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/09 01:32:56 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 01:32:56 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TM.blf
[2010/08/08 04:21:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\PC Medkit.job
[2010/07/29 01:30:49 | 000,197,632 | ---- | M] (Intel® Corporation) -- C:\Windows\System32\ir32_32.dll
[2010/07/29 01:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/07/11 16:35:18 | 000,068,608 | ---- | M] () -- C:\Users\ben ld\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/11 01:19:09 | 000,001,809 | ---- | M] () -- C:\Users\ben ld\Desktop\Recuva.lnk
[2010/07/11 00:43:31 | 000,001,144 | ---- | M] () -- C:\Users\ben ld\Desktop\LG Power Tools.lnk
[2010/07/11 00:43:23 | 000,002,032 | ---- | M] () -- C:\Users\ben ld\Desktop\LG Burning Tool.lnk
[2010/07/09 01:12:09 | 000,001,562 | ---- | M] () -- C:\Users\ben ld\Desktop\DivX Movies.lnk
[2010/07/09 01:11:44 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/07/03 02:26:49 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\iGetter.lnk
[2010/07/02 18:52:53 | 000,004,327 | ---- | M] () -- C:\Windows\SETUP.LST
[2010/07/02 18:52:53 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.001
[2010/07/02 18:52:36 | 000,000,303 | ---- | M] () -- C:\Windows\ST6UNST.000
[2010/07/02 18:46:53 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2010/07/02 17:28:11 | 000,068,432 | ---- | M] () -- C:\Users\ben ld\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/02 17:26:05 | 000,016,384 | ---- | M] (BitLeader) -- C:\Windows\System32\lgfwunis.exe
[2010/07/02 17:15:30 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010/07/02 17:15:30 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010/06/30 01:22:45 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/06/30 01:22:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/06/30 01:21:57 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/06/30 01:21:47 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/06/30 01:21:47 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/06/30 01:21:44 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/06/30 01:19:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/06/29 23:21:49 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/06/28 02:24:47 | 000,000,961 | ---- | M] () -- C:\Users\Public\Desktop\ViiKiiDesktopPlugin.lnk
[2010/06/27 19:57:46 | 000,001,007 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
[2010/06/21 00:05:36 | 000,000,961 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\MemTurbo - PC Optimizer.lnk
[2010/06/21 00:05:35 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\MemTurbo - PC Optimizer.lnk
[2010/06/21 00:00:02 | 000,001,962 | ---- | M] () -- C:\Users\ben ld\Desktop\HardDiskTune-Up.lnk
[2010/06/21 00:00:02 | 000,001,950 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\HardDiskTune-Up.lnk
[2010/06/20 23:57:28 | 000,001,999 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2010/06/20 23:57:27 | 000,002,015 | ---- | M] () -- C:\Users\ben ld\Desktop\Check PC For Errors.lnk
[2010/06/19 01:33:29 | 003,955,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/06/19 01:33:29 | 003,899,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/06/19 01:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/06/18 23:07:18 | 002,326,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/06/15 19:08:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/12 22:34:03 | 000,000,448 | ---- | M] () -- C:\Program Files\0612201022340243.bat
[2010/06/06 00:04:17 | 000,000,578 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\RDesc.lnk
[2010/06/06 00:04:17 | 000,000,554 | ---- | M] () -- C:\Users\Public\Desktop\RDesc.lnk
[2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/05/31 20:32:58 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010/05/28 15:42:34 | 000,000,068 | ---- | M] () -- C:\Users\ben ld\AppData\Roaming\AVSMediaPlayer.m3u
[2010/05/27 02:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/05/26 22:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/05/26 19:02:53 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010/05/21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/05/14 13:03:01 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/05/14 12:58:30 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/05/09 04:14:55 | 000,641,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/05/09 04:14:50 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/05/09 04:13:30 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/05/09 04:13:30 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/05/02 12:52:49 | 000,015,004 | ---- | M] () -- C:\Users\ben ld\Desktop\facebook_pic.jpeg
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/26 17:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
[2010/04/23 02:13:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) -- C:\Windows\System32\drivers\MOBK.sys
[2010/04/03 05:16:46 | 000,002,026 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/04/03 05:16:46 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/28 00:12:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/03/27 22:35:20 | 000,021,316 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2010/03/27 22:16:58 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/27 22:16:58 | 000,524,288 | -HS- | M] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/27 22:16:58 | 000,065,536 | -HS- | M] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/27 21:54:24 | 000,002,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 21:54:23 | 000,002,992 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 21:50:44 | 000,000,020 | -HS- | M] () -- C:\Users\ben ld\ntuser.ini
[2010/03/27 21:45:17 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/27 20:24:36 | 000,002,150 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/03/27 20:24:36 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/03/27 13:53:01 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/03/18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100_clr0400.dll
[2010/03/12 18:41:16 | 000,677,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LCCoin32.dll
[2010/03/12 18:41:16 | 000,503,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LcProxy.ax
[2010/03/12 18:41:16 | 000,039,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nx6000res.dll
[2010/03/12 18:41:16 | 000,030,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nx6000.sys
[2010/03/10 14:29:32 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2010/03/08 16:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/03/05 02:42:42 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/03/01 22:37:50 | 000,000,364 | ---- | M] () -- C:\Users\ben ld\Desktop\Downloads.lnk
[2010/02/19 14:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivX.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx0c.dll
[2010/02/19 14:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx07.dll
[2010/02/19 14:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx0a.dll
[2010/02/19 14:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx16.dll
[2010/02/19 14:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\divx_xx11.dll
[2010/02/10 05:29:04 | 000,000,144 | ---- | M] () -- C:\Windows\win.ini
[2010/01/30 10:48:22 | 000,266,552 | ---- | M] (My Privacy Tools, Inc.) -- C:\Windows\System32\HMIPCore.dll
[2010/01/29 04:28:16 | 000,350,720 | ---- | M] () -- C:\Users\ben ld\Desktop\hjsplit.exe
[2010/01/18 18:29:31 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/01/18 18:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/01/18 18:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/01/18 18:29:30 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/01/18 18:28:33 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/01/18 18:28:33 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/01/18 18:28:30 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/01/18 18:28:30 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/01/10 21:39:15 | 000,000,000 | -H-- | M] () -- C:\Users\ben ld\Documents\Default.rdp
[2010/01/07 19:16:16 | 000,000,031 | ---- | M] () -- C:\Windows\System32\wsoviedsini.dll
[2010/01/05 01:37:56 | 000,000,506 | ---- | M] () -- C:\Users\ben ld\Desktop\RDesc.lnk
[2009/12/21 00:13:01 | 000,065,536 | ---- | M] () -- C:\Windows\SPInstall.etl
[2009/12/19 04:02:48 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2009/12/19 04:02:40 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2009/12/19 04:02:01 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2009/12/17 18:14:09 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/12/17 18:14:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/12/17 18:14:06 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/12/17 18:14:00 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2009/12/13 04:30:50 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/12/11 02:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2009/12/11 02:38:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/12/09 16:55:14 | 000,000,893 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Matic.lnk
[2009/12/02 03:17:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/11/26 04:41:04 | 000,001,861 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 3.6 Beta 1.lnk
[2009/11/25 12:47:34 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/11/25 12:47:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/11/25 12:47:34 | 000,049,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/11/20 21:34:54 | 000,592,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2009/11/20 21:34:54 | 000,182,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod178.dll
[2009/11/10 11:28:10 | 001,640,400 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll.old
[2009/11/10 11:26:26 | 000,767,952 | ---- | M] () -- C:\Windows\BDTSupport.dll.old
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/10/28 07:15:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/20 17:59:04 | 000,409,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoin.dll
[2009/10/20 17:42:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/10/19 09:10:20 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2009/10/19 09:10:06 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2009/10/17 20:30:35 | 000,001,057 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2009/10/02 03:12:51 | 000,001,112 | ---- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic.lnk
[2009/10/01 14:16:03 | 000,000,221 | -HS- | M] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2009/10/01 03:33:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/09/27 23:12:22 | 011,197,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2009/09/27 23:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2009/09/27 23:12:22 | 007,614,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2009/09/27 23:12:22 | 002,169,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2009/09/27 23:12:22 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2009/09/27 23:12:22 | 001,714,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2009/09/27 23:12:22 | 001,074,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2009/09/27 23:12:22 | 000,795,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2009/09/27 23:12:22 | 000,490,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2009/09/27 23:12:22 | 000,170,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2009/09/27 23:12:22 | 000,010,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2009/09/27 18:47:30 | 002,173,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2009/09/27 18:47:30 | 000,420,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2009/09/27 18:47:00 | 000,150,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2009/09/27 17:47:00 | 004,033,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvs.dll
[2009/09/27 17:47:00 | 003,553,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvgames.dll
[2009/09/27 17:47:00 | 003,172,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwss.dll
[2009/09/27 17:47:00 | 001,309,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvs.dll
[2009/09/27 17:47:00 | 001,292,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmobls.dll
[2009/09/27 17:47:00 | 000,805,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2009/09/27 17:47:00 | 000,195,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmccss.dll
[2009/09/27 17:47:00 | 000,092,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2009/09/27 17:46:40 | 000,253,738 | ---- | M] () -- C:\Windows\System32\NvApps.xml
[2009/09/27 17:46:40 | 000,068,587 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml
[2009/09/27 17:46:00 | 013,949,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2009/09/27 17:46:00 | 004,942,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdisps.dll
[2009/09/27 17:12:22 | 000,170,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod167.dll
[2009/09/27 17:12:22 | 000,014,646 | ---- | M] () -- C:\Windows\System32\nvdisp.nvu
[2009/09/04 17:29:32 | 001,974,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2009/09/04 17:29:30 | 001,892,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2009/09/03 02:04:15 | 001,320,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2009/08/29 01:54:52 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/14 19:46:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2010/08/14 19:46:31 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2010/08/14 19:46:11 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2010/08/14 19:46:11 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2010/08/14 19:45:20 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 2600 Series.LNK
[2010/08/14 19:42:55 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdnrwrd.ini
[2010/08/14 19:42:39 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll
[2010/08/14 19:42:33 | 000,085,023 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2010/08/14 19:42:33 | 000,001,633 | ---- | C] () -- C:\Windows\System32\lxdn.loc
[2010/08/12 23:39:22 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2010/08/12 04:51:40 | 000,001,017 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/08/12 04:51:40 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/12 03:55:40 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/08/11 23:20:05 | 000,001,007 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk
[2010/08/11 23:09:05 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 23:09:04 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 23:09:03 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TM.blf
[2010/08/11 22:58:39 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 22:58:38 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 22:58:37 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TM.blf
[2010/08/11 22:51:53 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/11 22:51:53 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/11 22:51:53 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TM.blf
[2010/08/09 15:11:12 | 000,003,814 | ---- | C] () -- C:\Users\ben ld\Documents\cc_20100809_151107.reg
[2010/08/09 01:34:03 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/09 01:34:02 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 01:34:02 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TM.blf
[2010/08/09 01:23:39 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
[2010/08/09 01:23:38 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
[2010/08/09 01:23:35 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TM.blf
[2010/07/11 01:19:09 | 000,001,809 | ---- | C] () -- C:\Users\ben ld\Desktop\Recuva.lnk
[2010/07/09 01:11:44 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/07/03 02:26:49 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\iGetter.lnk
[2010/07/02 18:52:52 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.001
[2010/07/02 18:52:36 | 000,004,327 | ---- | C] () -- C:\Windows\SETUP.LST
[2010/07/02 18:52:35 | 000,000,303 | ---- | C] () -- C:\Windows\ST6UNST.000
[2010/07/02 18:52:20 | 000,004,327 | ---- | C] () -- C:\Windows\System32\SETUP.LST
[2010/07/02 18:44:45 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2010/07/02 17:25:32 | 000,001,144 | ---- | C] () -- C:\Users\ben ld\Desktop\LG Power Tools.lnk
[2010/07/02 17:24:42 | 000,000,337 | ---- | C] () -- C:\Windows\lgfwup.ini
[2010/07/02 17:14:29 | 000,002,032 | ---- | C] () -- C:\Users\ben ld\Desktop\LG Burning Tool.lnk
[2010/06/28 02:24:52 | 000,001,073 | ---- | C] () -- C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk
[2010/06/28 02:24:46 | 000,000,961 | ---- | C] () -- C:\Users\Public\Desktop\ViiKiiDesktopPlugin.lnk
[2010/06/27 19:58:01 | 000,001,838 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2010/06/21 00:05:48 | 000,000,999 | ---- | C] () -- C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk
[2010/06/21 00:05:36 | 000,000,961 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\MemTurbo - PC Optimizer.lnk
[2010/06/21 00:05:35 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\MemTurbo - PC Optimizer.lnk
[2010/06/21 00:00:02 | 000,001,962 | ---- | C] () -- C:\Users\ben ld\Desktop\HardDiskTune-Up.lnk
[2010/06/21 00:00:02 | 000,001,950 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\HardDiskTune-Up.lnk
[2010/06/20 23:57:28 | 000,001,999 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2010/06/20 23:57:27 | 000,002,015 | ---- | C] () -- C:\Users\ben ld\Desktop\Check PC For Errors.lnk
[2010/06/15 19:08:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/12 22:34:03 | 000,000,448 | ---- | C] () -- C:\Program Files\0612201022340243.bat
[2010/05/26 19:02:53 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010/05/21 14:54:35 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000UA.job
[2010/05/21 14:54:30 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000Core.job
[2010/05/14 13:03:01 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/05/14 12:58:30 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/05/02 12:52:44 | 000,015,004 | ---- | C] () -- C:\Users\ben ld\Desktop\facebook_pic.jpeg
[2010/04/24 11:54:16 | 000,000,068 | ---- | C] () -- C:\Users\ben ld\AppData\Roaming\AVSMediaPlayer.m3u
[2010/04/24 11:49:32 | 000,156,910 | ---- | C] () -- C:\Windows\WMSysPr8.prx
[2010/04/13 20:11:20 | 000,002,568 | ---- | C] () -- C:\Windows\MOBK.blk
[2010/04/13 20:11:20 | 000,000,296 | ---- | C] () -- C:\Windows\MOBK.flt
[2010/03/31 10:55:13 | 000,068,608 | ---- | C] () -- C:\Users\ben ld\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/30 01:23:42 | 000,001,562 | ---- | C] () -- C:\Users\ben ld\Desktop\DivX Movies.lnk
[2010/03/27 22:35:21 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/03/27 22:16:58 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/27 22:16:58 | 000,524,288 | -HS- | C] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/27 22:16:57 | 001,835,008 | ---- | C] () -- C:\Users\ben ld\ntuser.dat
[2010/03/27 22:16:57 | 000,262,144 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat.LOG1
[2010/03/27 22:16:57 | 000,065,536 | -HS- | C] () -- C:\Users\ben ld\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/27 22:16:57 | 000,000,290 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/03/27 22:16:57 | 000,000,272 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/03/27 22:16:57 | 000,000,000 | -HS- | C] () -- C:\Users\ben ld\ntuser.dat.LOG2
[2010/03/27 22:16:18 | 000,009,712 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 22:16:18 | 000,009,712 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/27 21:50:44 | 000,000,020 | -HS- | C] () -- C:\Users\ben ld\ntuser.ini
[2010/03/27 21:46:53 | 2314,903,552 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/27 20:24:36 | 000,002,150 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/03/27 20:24:36 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/03/27 13:53:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/03/01 22:37:50 | 000,000,364 | ---- | C] () -- C:\Users\ben ld\Desktop\Downloads.lnk
[2010/02/27 02:37:59 | 000,000,554 | ---- | C] () -- C:\Users\Public\Desktop\RDesc.lnk
[2010/02/10 05:32:18 | 000,000,979 | ---- | C] () -- C:\Users\ben ld\Desktop\CCleaner.lnk
[2010/01/29 04:33:43 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\PC Medkit.job
[2010/01/29 04:28:22 | 000,350,720 | ---- | C] () -- C:\Users\ben ld\Desktop\hjsplit.exe
[2010/01/10 21:39:15 | 000,000,000 | -H-- | C] () -- C:\Users\ben ld\Documents\Default.rdp
[2010/01/07 19:16:16 | 000,000,031 | ---- | C] () -- C:\Windows\System32\wsoviedsini.dll
[2009/12/21 00:13:01 | 000,065,536 | ---- | C] () -- C:\Windows\SPInstall.etl
[2009/12/11 01:28:41 | 000,014,646 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2009/12/09 16:55:14 | 000,000,893 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Matic.lnk
[2009/12/08 23:41:04 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2009/12/07 18:26:35 | 000,076,407 | ---- | C] () -- C:\Users\ben ld\AppData\Roaming\Smiley.ico
[2009/11/26 04:41:04 | 000,001,861 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 3.6 Beta 1.lnk
[2009/10/28 07:15:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/20 17:42:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/10/20 03:47:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/17 20:30:35 | 000,001,057 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2009/10/14 01:18:46 | 000,000,578 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\RDesc.lnk
[2009/10/14 01:18:46 | 000,000,506 | ---- | C] () -- C:\Users\ben ld\Desktop\RDesc.lnk
[2009/10/02 03:12:51 | 000,001,112 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Player Classic.lnk
[2009/10/02 03:12:47 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/10/02 03:12:47 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/10/02 03:12:46 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009/10/02 03:12:45 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/10/02 03:12:45 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/10/02 03:12:44 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/10/01 13:42:47 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/10/01 03:48:55 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2009/10/01 03:48:54 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009/10/01 03:33:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2009/10/01 03:17:05 | 000,002,026 | ---- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2009/10/01 03:17:04 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/10/01 03:01:35 | 000,000,221 | -HS- | C] () -- C:\Users\ben ld\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2009/09/27 17:46:40 | 000,253,738 | ---- | C] () -- C:\Windows\System32\NvApps.xml
[2009/09/27 17:46:40 | 000,068,587 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/14 09:02:58 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007/11/28 12:51:49 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdnvs.dll
[2007/11/20 19:02:39 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdndrs.dll
[2007/11/20 18:44:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdncaps.dll
[2007/10/02 17:51:09 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdncnv4.dll

========== LOP Check ==========

[2010/03/27 22:27:50 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\ACAPsoft
[2010/03/27 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\FFSJ
[2010/03/27 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Foxit
[2010/03/27 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Foxit Software
[2010/03/27 22:27:51 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\FrostWire
[2010/06/14 00:57:36 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\iGetter
[2010/03/27 22:27:54 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\LimeWire
[2010/03/27 22:28:06 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\MailWasherPro
[2010/07/11 01:38:26 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\OfficeRecovery
[2010/06/03 20:43:26 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\OpenOffice.org
[2010/03/27 22:28:10 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Opera
[2010/03/27 22:28:11 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\PCPitstop
[2010/06/20 23:59:54 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Sammsoft
[2010/04/14 12:34:03 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Shareaza
[2010/03/27 22:28:11 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Sinner
[2010/03/27 22:28:11 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Trillian
[2010/03/27 22:28:12 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\Uniblue
[2010/06/28 02:24:52 | 000,000,000 | ---D | M] -- C:\Users\ben ld\AppData\Roaming\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
[2010/08/08 04:21:00 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\PC Medkit.job
[2009/07/13 23:53:46 | 000,014,362 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/07/02 18:52:11 | 000,000,189 | ---- | M] () -- C:\BnetLog.txt
[2009/07/13 20:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/03/28 00:12:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/08/13 01:04:57 | 2314,903,552 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/13 01:04:57 | 3086,540,800 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 20:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/07/13 20:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/07/13 20:16:18 | 000,489,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
[2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeapfk.sys
[2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2010/05/31 20:32:58 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
[2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
[2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
[2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
[2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
[2010/06/21 21:47:35 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2010/06/21 21:47:21 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2010/06/21 21:47:13 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys
[2010/06/14 01:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/02/27 06:05:40 | 000,115,200 | ---- | M] () -- C:\Windows\System32\spool\prtprocs\w32x86\1_lxdndrpp.dll
[2009/07/13 20:15:26 | 000,090,624 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPWN7.DLL
[2009/07/13 20:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/08/13 12:02:22 | 000,147,968 | ---- | M] () -- C:\Windows\System32\spool\prtprocs\w32x86\lxdndrpp.dll
[2009/07/13 20:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 252 bytes -> C:\Users\ben ld\Desktop\SUPERAntiSpyware.exe:SummaryInformation
@Alternate Data Stream - 244 bytes -> C:\Users\ben ld\Desktop\mbam-setup.exe:SummaryInformation
@Alternate Data Stream - 188 bytes -> C:\Users\ben ld\Desktop\TFC.exe:SummaryInformation
@Alternate Data Stream - 188 bytes -> C:\Users\ben ld\Desktop\OTL.exe:SummaryInformation
@Alternate Data Stream - 186 bytes -> C:\ProgramData\TEMP:C8A26DAA
@Alternate Data Stream - 16 bytes -> C:\Users\ben ld\Downloads:Shareaza.GUID
@Alternate Data Stream - 155 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:C4F37A10
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >
OTL Extras logfile created on: 8/14/2010 8:05:42 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\ben ld\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911.33 Gb Total Space | 674.35 Gb Free Space | 74.00% Space Free | Partition Type: NTFS
Drive D: | 536.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive O: | 20.18 Gb Total Space | 0.00 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Computer Name: BENLD-PC
Current User Name: ben ld
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Standard

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe (Mozilla Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 18
"{26B878A8-5704-3B64-BDBC-4F0EACA38121}" = Google Talk Plugin
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{2B322F4F-F403-4975-AB54-530459472148}" = Skype Toolbars
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{475CEB7F-F373-743A-AC19-7CE00D01A74A}" = ViiKii Desktop Plug-in
"{47A3FE80-528F-482B-8143-B3A4645557FC}" = Microsoft LifeCam
"{48A25E19-D9AE-4BBE-9411-6F4C5D328B39}" = Skype™ Beta 5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8DD0F820-3656-4AB3-A7F4-005CAA2D0897}_is1" = RDesc 2.31
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD4D567E-44D7-4CDA-977D-C918D88FA3D9}_is1" = MemTurbo 4
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"14163BDEC0ECDFF85320001E7C79C3BB2491245D" = Windows Driver Package - NVIDIA (nvlddmkm) Display (11/20/2009 8.17.11.9562)
"33C3F89A22F013A8632D898E67C5B1BDF99E08F4" = Windows Driver Package - NVIDIA (nvlddmkm) Display (01/11/2010 8.17.11.9621)
"6FAC4A5E42901EB6F2406826D67BB15C2B5062A7" = Windows Driver Package - NVIDIA (nvlddmkm) Display (11/20/2009 8.17.11.9562)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX Setup
"Foxit Reader" = Foxit Reader
"Hard Disk Tune-Up_is1" = Hard Disk Tune-Up 1.0
"iGetter_is1" = iGetter v2.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = LG CyberLink PowerDVD
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"JAIELangPack" = Japanese Language Support
"KeyScrambler" = KeyScrambler
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.1.6 (Full)
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee Total Protection
"NVIDIA Drivers" = NVIDIA Drivers
"PC Matic_is1" = PC Matic 1.0.0.0
"Recuva" = Recuva
"ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1" = ViiKii Desktop Plug-in
"VLC media player" = VLC media player 1.1.2
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


DDS (Ver_10-03-17.01) - NTFSx86
Run by ben ld at 20:36:02.53 on Sat 08/14/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2944.2376 [GMT -5:00]

SP: AVG Anti-Spyware *disabled* (Outdated) {48F2E28D-ED66-4646-9C11-B3055B0AF604}
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\McAfee Online Backup\MOBKstat.exe
C:\Program Files\MemTurbo 4\MemTurbo.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugin-container.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugin-container.exe
C:\Windows\system32\lxdncoms.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ben ld\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: IGMONObj Class: {02464ddc-3187-11d8-8004-0020ed227566} - c:\program files\igetter\integration\IGMON.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: CKeyScramblerBHO Object: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - c:\program files\keyscrambler\KeyScramblerIE.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100802234835.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: UrlHelper Class: {cfc4f59b-a2da-4e12-b337-52a4f871e10c} - c:\program files\shareaza applications\shareaza\ShareazaIEHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Google Update] "c:\users\ben ld\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
mRun: [UpdatePPShortCut] "c:\program files\cyberlink\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerproducer" updatewithcreateonce "software\cyberlink\powerproducer\5.0"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [LGODDFU] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [lxdnmon.exe] "c:\program files\lexmark 2600 series\lxdnmon.exe"
mRun: [lxdnamon] "c:\program files\lexmark 2600 series\lxdnamon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
StartupFolder: c:\users\benld~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\memturbo.lnk - c:\program files\memturbo 4\MemTurbo.exe
StartupFolder: c:\users\benld~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\viikii~1.lnk - c:\program files\viikiidesktopplugin\ViiKiiDesktopPlugin.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee online backup\MOBKstat.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download all with iGetter - c:\program files\igetter\integration\igetall.html
IE: Download with iGetter - c:\program files\igetter\integration\iget.html
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\benld~1\appdata\roaming\mozilla\firefox\profiles\s8rnm6hz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\mcafee\supportability\mvt\NPMVTPlugin.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget1.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget10.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget2.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget3.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget4.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget5.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget6.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget7.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget8.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 1\plugins\npiget9.dll
FF - plugin: c:\users\ben ld\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\ben ld\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\ben ld\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox 3.6 beta 1\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox 3.6 beta 1\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-4-14 385880]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-6-27 160720]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-6-27 64304]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-6-27 54776]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2008-2-27 94208]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-8-12 304464]
R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-6-27 170144]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-6-27 141792]
R2 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2009-12-9 85504]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2010-8-4 113896]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-8-12 20952]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-6-27 152320]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-6-27 312616]
R4 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-6-27 271480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-6-27 55456]
S3 Hard Disk Tune-Up;Hard Disk Tune-Up;c:\program files\hard disk tune-up\HDTuneUpSrv.exe [2010-6-20 441344]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-6-27 51688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-6-27 83496]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-3-12 30576]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-31 1343400]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-6-27 271480]
S4 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-6-27 271480]
S4 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-6-27 271480]
S4 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-6-27 188136]
S4 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]

============== File Associations ===============

.txt=

=============== Created Last 30 ================

2010-08-15 01:12:46 0 d-----w- C:\_OTL
2010-08-15 01:01:03 0 d-----w- c:\programdata\Lx_cats
2010-08-15 00:49:02 0 d-----w- C:\logs
2010-08-15 00:46:31 45056 ----a-w- c:\windows\system32\LXF3PMON.DLL
2010-08-15 00:46:31 32768 ----a-w- c:\windows\system32\LXF3FXPU.DLL
2010-08-15 00:46:11 98345 ----a-w- c:\windows\system32\IMHOST32.DLL
2010-08-15 00:46:11 98304 ----a-w- c:\windows\system32\IM31XPNG.DEL
2010-08-15 00:46:11 69632 ----a-w- c:\windows\system32\IM31XTIF.DEL
2010-08-15 00:46:11 53248 ----a-w- c:\windows\system32\lxf3oem.dll
2010-08-15 00:46:11 49152 ----a-w- c:\windows\system32\IM31IMG.DIL
2010-08-15 00:46:11 339968 ----a-w- c:\windows\system32\IMGMAN32.DLL
2010-08-15 00:46:11 12288 ----a-w- c:\windows\system32\LXF3PMRC.DLL
2010-08-15 00:46:08 0 d-----w- c:\programdata\FaxCtr
2010-08-15 00:45:55 0 d-----w- c:\program files\Lexmark Fax Solutions
2010-08-15 00:45:39 0 d-----w- c:\program files\Abbyy FineReader 6.0 Sprint
2010-08-15 00:43:09 0 d-----w- c:\program files\Lexmark Toolbar
2010-08-15 00:42:23 0 d-----w- c:\program files\Lexmark 2600 Series
2010-08-13 04:39:30 0 d-----w- c:\users\benld~1\appdata\roaming\SUPERAntiSpyware.com
2010-08-13 04:39:12 0 d-----w- c:\program files\SUPERAntiSpyware
2010-08-13 04:29:57 0 d-----w- c:\programdata\F-Secure
2010-08-12 22:24:27 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-08-12 21:47:01 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 21:47:01 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 21:47:00 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-12 21:45:50 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-08-12 21:45:42 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-08-12 21:45:42 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-08-12 09:53:13 0 d-----w- c:\users\benld~1\appdata\roaming\Malwarebytes
2010-08-12 09:51:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-12 09:50:55 0 d-----w- c:\programdata\Malwarebytes
2010-08-12 09:50:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-12 09:50:42 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-12 04:45:20 0 d-----w- c:\users\benld~1\appdata\roaming\McAfee
2010-08-12 04:14:02 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-08-12 04:09:05 524288 --sha-w- c:\users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
2010-08-12 04:09:04 524288 --sha-w- c:\users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
2010-08-12 04:09:03 65536 --sha-w- c:\users\ben ld\ntuser.dat{d2b5b459-a5c5-11df-aa27-001c256e1b14}.TM.blf
2010-08-12 03:58:39 524288 --sha-w- c:\users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
2010-08-12 03:58:38 524288 --sha-w- c:\users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
2010-08-12 03:58:37 65536 --sha-w- c:\users\ben ld\ntuser.dat{e14f9bbd-a5c4-11df-9426-001c256e1b14}.TM.blf
2010-08-12 03:53:14 0 d-----w- c:\windows\system32\Power2Go
2010-08-12 03:51:53 65536 --sha-w- c:\users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TM.blf
2010-08-12 03:51:53 524288 --sha-w- c:\users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
2010-08-12 03:51:53 524288 --sha-w- c:\users\ben ld\ntuser.dat{f7a927bb-a5c3-11df-95e2-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
2010-08-10 03:57:27 0 d-----w- c:\program files\ESET
2010-08-09 06:34:03 524288 --sha-w- c:\users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
2010-08-09 06:34:02 65536 --sha-w- c:\users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TM.blf
2010-08-09 06:34:02 524288 --sha-w- c:\users\ben ld\ntuser.dat{95abb0b0-a37e-11df-8e05-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
2010-08-09 06:23:39 524288 --sha-w- c:\users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000002.regtrans-ms
2010-08-09 06:23:38 524288 --sha-w- c:\users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TMContainer00000000000000000001.regtrans-ms
2010-08-09 06:23:35 65536 --sha-w- c:\users\ben ld\ntuser.dat{b378164f-a37c-11df-88fd-001c256e1b14}.TM.blf
2010-08-04 19:18:44 113896 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2010-08-04 19:18:44 0 d-----w- c:\program files\KeyScrambler

==================== Find3M ====================

2010-07-02 22:26:05 16384 ----a-w- c:\windows\system32\lgfwunis.exe
2010-07-02 22:15:30 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-02 22:15:30 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-19 06:33:29 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33:29 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23:50 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-16 05:48:35 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-13 03:34:03 448 ----a-w- c:\program files\0612201022340243.bat
2010-05-27 07:24:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49:37 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 19:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 20:36:33.45 ===============

Merged posts. ~ OB

Edited by Orange Blossom, 14 August 2010 - 10:29 PM.


BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:12:28 AM

Posted 21 August 2010 - 01:58 PM

Welcome to the BleepingComputer Forums.

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  1. Double click on RSIT.exe to run RSIT.
  2. Click Continue at the disclaimer screen.
  3. Please post the contents of log.txt.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so.

While we are working on your HijackThis log, please:
  1. Reply to this thread; do not start another!
  2. Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  3. Do not run any other tool until instructed to do so!
  4. Let me know if any of the links do not work or if any of the tools do not work.
  5. Tell me about problems or symptoms that occur during the fix.
  6. Do not run any other programs or open any other windows while doing a fix.
  7. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 benjola2

benjola2
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:28 PM

Posted 22 August 2010 - 03:59 PM

Logfile of random's system information tool 1.08 (written by random/random)
Run by ben ld at 2010-08-22 04:58:14
Microsoft Windows 7 Ultimate
System drive C: has 675 GB (72%) free of 933 GB
Total RAM: 2944 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:58:28 AM, on 8/22/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\McAfee Online Backup\MOBKstat.exe
C:\Program Files\MemTurbo 4\MemTurbo.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ben ld\Desktop\RSIT.exe
C:\Program Files\trend micro\ben ld.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IGMONObj Class - {02464DDC-3187-11D8-8004-0020ED227566} - C:\Program Files\iGetter\Integration\IGMON.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100802234835.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"
O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ben ld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo 4\MemTurbo.exe
O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
O4 - Global Startup: McAfee Online Backup Status.lnk = C:\Program Files\McAfee Online Backup\MOBKstat.exe
O8 - Extra context menu item: Download all with iGetter - C:\Program Files\iGetter\Integration\igetall.html
O8 - Extra context menu item: Download with iGetter - C:\Program Files\iGetter\Integration\iget.html
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hard Disk Tune-Up - Sammsoft - C:\Program Files\Hard Disk Tune-Up\HDTuneUpSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9090 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2797464938-3135893560-1101105139-1000UA.job
C:\Windows\tasks\PC Medkit.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02464DDC-3187-11D8-8004-0020ED227566}]
IGMONObj Class - C:\Program Files\iGetter\Integration\IGMON.dll [2009-11-09 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [2010-05-03 245272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
CKeyScramblerBHO Object - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2008-06-01 808936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100802234835.dll [2010-05-31 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-05-04 881960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2010-02-01 251416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll [2009-06-30 398784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2010-02-01 251416]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-03-12 119152]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-02 1144104]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-06-24 1193848]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472]
"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-17 218408]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2010-07-02 557056]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2009-09-29 210216]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
"lxdnmon.exe"=C:\Program Files\Lexmark 2600 Series\lxdnmon.exe [2009-01-29 660136]
"lxdnamon"=C:\Program Files\Lexmark 2600 Series\lxdnamon.exe [2009-01-29 16040]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2009-01-29 320168]
"RDesc"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-07-13 65024]
"Google Update"=C:\Users\ben ld\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-21 136176]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-07-19 2403568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Online Backup Status.lnk - C:\Program Files\McAfee Online Backup\MOBKstat.exe

C:\Users\ben ld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MemTurbo.lnk - C:\Program Files\MemTurbo 4\MemTurbo.exe
ViiKiiDesktopPlugin.lnk - C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 3 months======

2010-08-22 04:58:14 ----D---- C:\rsit
2010-08-21 06:32:17 ----D---- C:\Users\ben ld\AppData\Roaming\vlc
2010-08-15 01:12:34 ----D---- C:\Users\ben ld\AppData\Roaming\FaxCtr
2010-08-14 20:12:46 ----D---- C:\_OTL
2010-08-14 20:01:03 ----D---- C:\ProgramData\Lx_cats
2010-08-14 19:49:02 ----D---- C:\logs
2010-08-14 19:46:31 ----A---- C:\Windows\system32\LXF3PMON.DLL
2010-08-14 19:46:31 ----A---- C:\Windows\system32\LXF3FXPU.DLL
2010-08-14 19:46:11 ----A---- C:\Windows\system32\LXF3PMRC.DLL
2010-08-14 19:46:11 ----A---- C:\Windows\system32\lxf3oem.dll
2010-08-14 19:46:11 ----A---- C:\Windows\system32\IMHOST32.DLL
2010-08-14 19:46:11 ----A---- C:\Windows\system32\IMGMAN32.DLL
2010-08-14 19:46:08 ----D---- C:\ProgramData\FaxCtr
2010-08-14 19:45:55 ----D---- C:\Program Files\Lexmark Fax Solutions
2010-08-14 19:45:39 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint
2010-08-14 19:43:09 ----D---- C:\Program Files\Lexmark Toolbar
2010-08-14 19:42:57 ----A---- C:\Windows\system32\lxdnwupd.exe
2010-08-14 19:42:57 ----A---- C:\Windows\system32\lxdnwupd.dll
2010-08-14 19:42:55 ----A---- C:\Windows\system32\lxdnrwrd.ini
2010-08-14 19:42:39 ----A---- C:\Windows\system32\LXDNinst.dll
2010-08-14 19:42:39 ----A---- C:\Windows\system32\lxdninpa.dll
2010-08-14 19:42:39 ----A---- C:\Windows\system32\lxdniesc.dll
2010-08-14 19:42:39 ----A---- C:\Windows\system32\LXDNhcp.dll
2010-08-14 19:42:38 ----A---- C:\Windows\system32\lxdnusb1.dll
2010-08-14 19:42:38 ----A---- C:\Windows\system32\lxdnserv.dll
2010-08-14 19:42:37 ----A---- C:\Windows\system32\lxdnprox.dll
2010-08-14 19:42:37 ----A---- C:\Windows\system32\lxdnpmui.dll
2010-08-14 19:42:37 ----A---- C:\Windows\system32\lxdnlmpm.dll
2010-08-14 19:42:36 ----A---- C:\Windows\system32\lxdnih.exe
2010-08-14 19:42:36 ----A---- C:\Windows\system32\lxdnhbn3.dll
2010-08-14 19:42:35 ----A---- C:\Windows\system32\lxdngf.dll
2010-08-14 19:42:34 ----A---- C:\Windows\system32\lxdncoms.exe
2010-08-14 19:42:34 ----A---- C:\Windows\system32\lxdncomm.dll
2010-08-14 19:42:34 ----A---- C:\Windows\system32\lxdncomc.dll
2010-08-14 19:42:34 ----A---- C:\Windows\system32\lxdncfg.exe
2010-08-14 19:42:34 ----A---- C:\Windows\system32\LXDNcfg.dll
2010-08-14 19:42:23 ----D---- C:\Program Files\Lexmark 2600 Series
2010-08-12 23:39:30 ----D---- C:\Users\ben ld\AppData\Roaming\SUPERAntiSpyware.com
2010-08-12 23:39:12 ----D---- C:\Program Files\SUPERAntiSpyware
2010-08-12 23:29:57 ----D---- C:\ProgramData\F-Secure
2010-08-12 17:24:27 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-08-12 16:47:01 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 16:47:01 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 16:47:00 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 16:46:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 16:46:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 16:46:39 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 16:46:38 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 16:46:37 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 16:46:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 16:46:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 16:46:36 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 16:46:36 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 16:46:35 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 16:46:35 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 16:46:35 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 16:46:34 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 16:46:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-12 16:46:24 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 16:46:19 ----A---- C:\Windows\system32\schannel.dll
2010-08-12 16:45:50 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 16:45:42 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-12 16:45:42 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 04:53:13 ----D---- C:\Users\ben ld\AppData\Roaming\Malwarebytes
2010-08-12 04:51:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-12 04:50:55 ----D---- C:\ProgramData\Malwarebytes
2010-08-12 04:50:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-12 04:50:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-11 23:45:20 ----D---- C:\Users\ben ld\AppData\Roaming\McAfee
2010-08-11 23:14:02 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 22:53:14 ----D---- C:\Windows\system32\Power2Go
2010-08-09 22:57:27 ----D---- C:\Program Files\ESET
2010-08-04 14:18:44 ----D---- C:\Program Files\KeyScrambler
2010-08-04 14:18:44 ----A---- C:\Windows\system32\drivers\keyscrambler.sys
2010-08-02 23:36:40 ----A---- C:\Windows\system32\shell32.dll
2010-07-11 01:38:26 ----D---- C:\Users\ben ld\AppData\Roaming\OfficeRecovery
2010-07-11 01:19:05 ----D---- C:\Program Files\Recuva
2010-07-11 01:09:41 ----D---- C:\Program Files\DiskInternals
2010-07-09 01:20:41 ----D---- C:\ProgramData\LightScribe
2010-07-03 02:26:48 ----D---- C:\Program Files\iGetter
2010-07-02 18:56:30 ----A---- C:\Windows\system32\readme.txt
2010-07-02 17:51:50 ----A---- C:\BnetLog.txt
2010-07-02 17:33:36 ----D---- C:\Program Files\Diablo II
2010-07-02 17:33:36 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-07-02 17:25:27 ----D---- C:\Temp
2010-07-02 17:24:42 ----A---- C:\Windows\lgfwup.ini
2010-07-02 17:23:41 ----A---- C:\Windows\system32\VB6KO.DLL
2010-07-02 17:23:40 ----A---- C:\Windows\system32\lgfwunis.exe
2010-07-02 17:23:36 ----D---- C:\Program Files\lg_fwupdate
2010-07-02 17:16:54 ----D---- C:\Program Files\Common Files\CyberLink
2010-07-02 17:15:01 ----D---- C:\Users\ben ld\AppData\Roaming\CyberLink
2010-07-02 17:10:31 ----D---- C:\Program Files\Common Files\LightScribe
2010-07-02 17:08:44 ----D---- C:\Program Files\CyberLink
2010-07-02 17:08:30 ----D---- C:\ProgramData\CyberLink
2010-06-28 02:24:52 ----D---- C:\Users\ben ld\AppData\Roaming\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
2010-06-28 02:24:52 ----D---- C:\ProgramData\Adobe
2010-06-28 02:24:46 ----D---- C:\Program Files\ViiKiiDesktopPlugin
2010-06-28 02:24:44 ----D---- C:\Program Files\Adobe
2010-06-28 02:24:42 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-06-27 20:02:56 ----D---- C:\Program Files\Diablo II.temp
2010-06-27 20:02:56 ----D---- C:\Program Files\Common Files\Blizzard Entertainment.temp
2010-06-27 19:57:50 ----D---- C:\Program Files\McAfeeMOBK
2010-06-27 19:57:45 ----A---- C:\Windows\system32\drivers\MOBK.sys
2010-06-27 19:57:03 ----A---- C:\Windows\system32\drivers\mfeclnk.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mfewfpk.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mferkdet.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mfenlfk.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mfefirek.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mfebopk.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\mfeavfk.sys
2010-06-27 19:56:27 ----A---- C:\Windows\system32\drivers\cfwids.sys
2010-06-27 19:56:21 ----D---- C:\Program Files\McAfee.com
2010-06-27 19:56:18 ----D---- C:\Program Files\McAfee
2010-06-25 03:02:36 ----D---- C:\Program Files\Microsoft.NET
2010-06-23 03:02:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-23 03:02:08 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-23 03:02:08 ----A---- C:\Windows\system32\mscoree.dll
2010-06-23 03:02:07 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-23 03:02:07 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 00:41:00 ----A---- C:\Windows\system32\ntdll.dll
2010-06-23 00:40:53 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-23 00:40:51 ----A---- C:\Windows\system32\msdri.dll
2010-06-22 06:25:32 ----D---- C:\Windows\Minidump
2010-06-21 00:05:27 ----D---- C:\Program Files\MemTurbo 4
2010-06-20 23:59:53 ----D---- C:\Program Files\Hard Disk Tune-Up
2010-06-20 23:57:43 ----D---- C:\Users\ben ld\AppData\Roaming\Sammsoft
2010-06-20 23:57:14 ----D---- C:\Program Files\Advanced Registry Optimizer
2010-06-18 23:28:09 ----D---- C:\Program Files\McAfee Online Backup
2010-06-18 15:50:25 ----D---- C:\Program Files\Common Files\Mcafee
2010-06-18 15:41:15 ----D---- C:\ProgramData\McAfee
2010-06-18 15:36:46 ----D---- C:\ProgramData\Office Genuine Advantage
2010-06-15 19:14:12 ----D---- C:\Program Files\Pure Networks
2010-06-15 19:11:12 ----D---- C:\Program Files\Common Files\Pure Networks Shared
2010-06-14 00:57:06 ----D---- C:\Users\ben ld\AppData\Roaming\iGetter
2010-06-13 01:31:06 ----D---- C:\ProgramData\Age of Empires 3
2010-06-13 00:25:21 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-13 00:19:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-13 00:17:06 ----D---- C:\Program Files\Common Files\Microsoft Games
2010-06-13 00:16:19 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-06-13 00:16:10 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-06-12 22:49:06 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-12 22:48:34 ----A---- C:\Windows\system32\atmlib.dll
2010-06-12 22:48:34 ----A---- C:\Windows\system32\atmfd.dll
2010-06-12 22:34:03 ----A---- C:\Program Files\0612201022340243.bat
2010-06-03 20:43:26 ----D---- C:\Users\ben ld\AppData\Roaming\OpenOffice.org
2010-06-03 20:32:55 ----D---- C:\Program Files\OpenOffice.org 3
2010-05-31 17:43:22 ----D---- C:\Program Files\ReflexiveArcade
2010-05-31 02:30:04 ----D---- C:\Program Files\Common Files\Oberon Media
2010-05-31 02:29:53 ----D---- C:\Program Files\MSN Games
2010-05-26 19:18:03 ----D---- C:\Program Files\Microsoft Silverlight
2010-05-26 19:14:24 ----D---- C:\Program Files\Common Files\Windows Live
2010-05-26 19:00:45 ----D---- C:\Program Files\Microsoft LifeCam
2010-05-26 19:00:37 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-05-26 19:00:37 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-05-26 05:26:05 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 3 months======

2010-08-22 04:58:28 ----D---- C:\Windows\Prefetch
2010-08-22 04:58:28 ----D---- C:\Program Files\Trend Micro
2010-08-22 04:58:02 ----D---- C:\ProgramData\Rosetta Stone
2010-08-22 01:19:51 ----D---- C:\Windows\Temp
2010-08-22 00:12:13 ----D---- C:\ProgramData\PCPitstop
2010-08-21 13:24:11 ----D---- C:\Windows\system32\config
2010-08-17 19:07:08 ----D---- C:\RDesc
2010-08-16 02:12:31 ----SHD---- C:\System Volume Information
2010-08-15 03:40:19 ----HD---- C:\ProgramData
2010-08-15 01:17:00 ----D---- C:\Windows\System32
2010-08-15 01:17:00 ----D---- C:\Windows\inf
2010-08-15 01:17:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-15 01:16:21 ----D---- C:\Windows
2010-08-14 20:00:29 ----D---- C:\Windows\system32\catroot
2010-08-14 20:00:28 ----D---- C:\Windows\system32\catroot2
2010-08-14 20:00:23 ----D---- C:\Windows\system32\DriverStore
2010-08-14 19:47:35 ----D---- C:\Windows\system32\drivers
2010-08-14 19:47:34 ----D---- C:\Windows\twain_32
2010-08-14 19:45:55 ----RD---- C:\Program Files
2010-08-14 19:45:53 ----SHD---- C:\Windows\Installer
2010-08-14 19:45:53 ----SHD---- C:\Config.Msi
2010-08-13 06:06:37 ----D---- C:\Windows\Microsoft.NET
2010-08-13 02:22:22 ----RSD---- C:\Windows\assembly
2010-08-13 01:05:24 ----D---- C:\Windows\winsxs
2010-08-13 01:04:03 ----D---- C:\Windows\system32\migration
2010-08-13 01:04:03 ----D---- C:\Program Files\Internet Explorer
2010-08-12 18:36:11 ----D---- C:\Windows\Downloaded Program Files
2010-08-12 05:55:08 ----D---- C:\Windows\system32\NDF
2010-08-12 05:51:15 ----RSHD---- C:\RECYCLER
2010-08-11 23:17:16 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-11 23:08:51 ----D---- C:\Windows\Tasks
2010-08-11 23:08:50 ----D---- C:\Windows\system32\wfp
2010-08-11 23:08:48 ----D---- C:\Windows\system32\wbem
2010-08-11 23:08:02 ----D---- C:\Program Files\Windows Mail
2010-08-11 23:07:53 ----D---- C:\Program Files\Google
2010-08-11 23:07:53 ----D---- C:\Program Files\Common Files\AVSMedia
2010-08-11 23:07:53 ----D---- C:\Program Files\AVS4YOU
2010-08-11 23:07:48 ----D---- C:\Windows\registration
2010-08-11 23:07:40 ----RD---- C:\Users
2010-08-11 23:07:40 ----D---- C:\Windows\AppCompat
2010-08-11 23:07:34 ----AD---- C:\ProgramData\TEMP
2010-08-11 23:06:59 ----D---- C:\Program Files\Common Files
2010-08-11 23:03:46 ----D---- C:\Windows\debug
2010-08-10 01:12:02 ----A---- C:\Windows\system.ini
2010-08-09 10:00:01 ----D---- C:\Windows\system32\LogFiles
2010-08-09 02:02:03 ----D---- C:\Users\ben ld\AppData\Roaming\Media Player Classic
2010-08-09 01:46:57 ----D---- C:\Program Files\CCleaner
2010-08-09 01:22:38 ----D---- C:\Users\ben ld\AppData\Roaming\dvdcss
2010-08-04 13:18:39 ----D---- C:\Program Files\Mozilla Firefox 3.6 Beta 1
2010-08-03 13:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-11 01:38:32 ----SD---- C:\Users\ben ld\AppData\Roaming\Microsoft
2010-07-10 21:41:45 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-10 21:41:45 ----D---- C:\ProgramData\DivX
2010-07-10 21:41:45 ----D---- C:\Program Files\DivX
2010-07-04 13:04:32 ----D---- C:\Users\ben ld\AppData\Roaming\Mozilla
2010-07-02 18:52:48 ----D---- C:\Windows\system32\Tasks
2010-07-02 17:19:47 ----RSD---- C:\Windows\Fonts
2010-07-02 17:15:30 ----A---- C:\Windows\system32\msvcr71.dll
2010-07-02 17:15:30 ----A---- C:\Windows\system32\msvcp71.dll
2010-07-01 17:45:03 ----D---- C:\PerfLogs
2010-06-28 02:24:14 ----D---- C:\Users\ben ld\AppData\Roaming\Adobe
2010-06-27 19:44:44 ----D---- C:\Program Files\Spyware Doctor
2010-06-26 04:04:16 ----D---- C:\downloads
2010-06-25 03:02:40 ----D---- C:\Windows\system32\en-US
2010-06-23 03:01:58 ----D---- C:\Windows\ehome
2010-06-23 03:01:19 ----D---- C:\Windows\AppPatch
2010-06-18 23:31:46 ----D---- C:\Users\ben ld\AppData\Roaming\Identities
2010-06-14 23:14:15 ----D---- C:\Windows\system32\zh-TW
2010-06-14 23:14:15 ----D---- C:\Windows\system32\zh-HK
2010-06-14 23:14:15 ----D---- C:\Windows\system32\tr-TR
2010-06-14 23:14:15 ----D---- C:\Windows\system32\sv-SE
2010-06-14 23:14:15 ----D---- C:\Windows\system32\pt-BR
2010-06-14 23:14:15 ----D---- C:\Windows\system32\nl-NL
2010-06-14 23:14:15 ----D---- C:\Windows\system32\nb-NO
2010-06-14 23:14:15 ----D---- C:\Windows\system32\ko-KR
2010-06-14 23:14:15 ----D---- C:\Windows\system32\it-IT
2010-06-14 23:14:15 ----D---- C:\Windows\system32\he-IL
2010-06-14 23:14:15 ----D---- C:\Windows\system32\fr-FR
2010-06-14 23:14:15 ----D---- C:\Windows\system32\fi-FI
2010-06-14 23:14:15 ----D---- C:\Windows\system32\es-ES
2010-06-14 23:14:15 ----D---- C:\Windows\system32\el-GR
2010-06-14 23:14:15 ----D---- C:\Windows\system32\de-DE
2010-06-14 23:14:15 ----D---- C:\Windows\system32\da-DK
2010-06-14 23:14:15 ----D---- C:\Windows\system32\ar-SA
2010-06-13 04:11:38 ----D---- C:\Windows\rescache
2010-06-12 23:36:32 ----D---- C:\Program Files\Microsoft Games
2010-06-12 22:49:46 ----D---- C:\Program Files\Common Files\microsoft shared
2010-06-05 03:02:33 ----SD---- C:\ProgramData\Microsoft
2010-06-03 11:18:17 ----D---- C:\Program Files\MSECache
2010-06-03 11:14:14 ----D---- C:\Program Files\Microsoft Office
2010-05-26 20:07:34 ----D---- C:\Users\ben ld\AppData\Roaming\Skype
2010-05-26 19:25:05 ----D---- C:\Users\ben ld\AppData\Roaming\skypePM
2010-05-26 18:59:25 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-05-31 385880]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-05-31 160720]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 387584]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2010-05-31 64304]
R1 MOBKFilter;MOBKFilter; C:\Windows\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-29 8704]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2007-06-20 267264]
R3 KeyScrambler;KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [2008-03-22 113896]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2010-05-31 95568]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-05-31 152320]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2010-05-31 51688]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2010-05-31 312616]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 35840]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-13 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2010-05-31 55456]
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2010-05-31 83496]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-03-12 30576]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-13 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 28224]
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-13 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-04-14 170144]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-05-31 141792]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-03-12 139632]
R2 PCPitstop Scheduling;PCPitstop Scheduling; C:\Program Files\PCPitstop\PCPitstopScheduleService.exe [2009-06-26 85504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-29 386560]
R3 lxdn_device;lxdn_device; C:\Windows\system32\lxdncoms.exe [2008-02-27 594600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-27 655624]
S3 Hard Disk Tune-Up;Hard Disk Tune-Up; C:\Program Files\Hard Disk Tune-Up\HDTuneUpSrv.exe [2009-03-25 441344]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
S3 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2009-04-28 94208]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-15 271760]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-31 1343400]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 mcmscsvc;McAfee Services; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-04-15 364216]
S4 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
S4 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-05-31 188136]
S4 MOBKbackup;McAfee Online Backup; C:\Program Files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
S4 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]

-----------------EOF-----------------

#4 benjola2

benjola2
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:28 PM

Posted 22 August 2010 - 04:00 PM

info.txt logfile of random's system information tool 1.08 2010-08-22 04:58:34

======Uninstall list======

-->"C:\Program Files\Hard Disk Tune-Up\unins000.exe" /silent
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Advanced Registry Optimizer-->"C:\Program Files\Advanced Registry Optimizer\unins000.exe" /silent
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Diablo II-->C:\Program Files\Common Files\Blizzard Entertainment\Diablo II\Uninstall.exe
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Google Talk Plugin-->MsiExec.exe /I{26B878A8-5704-3B64-BDBC-4F0EACA38121}
Hard Disk Tune-Up 1.0-->"C:\Program Files\Hard Disk Tune-Up\unins000.exe"
iGetter v2.6-->"C:\Program Files\iGetter\unins000.exe"
Japanese Language Support-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\ja.inf, Uninstall
Java™ 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
KeyScrambler-->C:\Program Files\KeyScrambler\uninstall.exe
K-Lite Codec Pack 5.1.6 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lexmark 2600 Series-->C:\Program Files\Lexmark 2600 Series\Install\x86\Uninst.exe
Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
Lexmark Toolbar-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
LG CyberLink LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LG CyberLink LabelPrint-->"C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
LG CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
LG CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
LG CyberLink PowerBackup-->"C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall
LG CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
LG CyberLink PowerDVD-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
LG CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
LG CyberLink PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" /z-uninstall
LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe"
LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Online Backup-->C:\Program Files\McAfeeMOBK\MozyUninstaller.exe
McAfee Online Backup-->MsiExec.exe /X{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}
McAfee Total Protection-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
McAfee Virtual Technician-->MsiExec.exe /I{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}
MemTurbo 4-->"C:\Program Files\MemTurbo 4\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft LifeCam-->MsiExec.exe /X{47A3FE80-528F-482B-8143-B3A4645557FC}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox 3.6 Beta 1\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
PC Matic 1.0.0.0-->"C:\Program Files\PCPitstop\PC Matic\unins000.exe"
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
RDesc 2.32-->"C:\RDesc\unins000.exe"
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Rosetta Stone Version 3-->MsiExec.exe /X{99011A6E-5200-11DE-BDB8-7ACD56D89593}
Skype Toolbars-->MsiExec.exe /I{2B322F4F-F403-4975-AB54-530459472148}
Skype™ Beta 5.0-->MsiExec.exe /X{48A25E19-D9AE-4BBE-9411-6F4C5D328B39}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_HSF\UIU32m.exe -U -I*.INF
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
ViiKii Desktop Plug-in-->msiexec /qb /x {475CEB7F-F373-743A-AC19-7CE00D01A74A}
ViiKii Desktop Plug-in-->MsiExec.exe /I{475CEB7F-F373-743A-AC19-7CE00D01A74A}
VLC media player 1.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - NVIDIA (nvlddmkm) Display (01/11/2010 8.17.11.9621)-->C:\PROGRA~1\DIFX\25C232~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_x86_neutral_b4f56b3433cb32b1\nv_disp.inf
Windows Driver Package - NVIDIA (nvlddmkm) Display (11/20/2009 8.17.11.9562)-->C:\PROGRA~1\DIFX\25C232~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_x86_neutral_41aad7f8b629e0a1\nv_disp.inf
Windows Driver Package - NVIDIA (nvlddmkm) Display (11/20/2009 8.17.11.9562)-->C:\PROGRA~1\DIFX\25C232~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nvdd.inf_x86_neutral_4f41923df5620f5b\nvdd.inf
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: benld-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB967723(Security Update) into Install Requested(Install Requested) state
Record Number: 15833
Source Name: Microsoft-Windows-Servicing
Time Written: 20091001091936.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: benld-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB967723(Security Update) into Install Requested(Install Requested) state
Record Number: 15832
Source Name: Microsoft-Windows-Servicing
Time Written: 20091001091936.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: benld-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB967723(Security Update) into Install Requested(Install Requested) state
Record Number: 15831
Source Name: Microsoft-Windows-Servicing
Time Written: 20091001091936.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: benld-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB967723(Security Update) into Install Requested(Install Requested) state
Record Number: 15830
Source Name: Microsoft-Windows-Servicing
Time Written: 20091001091936.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: benld-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB952709(Update) into Install Requested(Install Requested) state
Record Number: 15829
Source Name: Microsoft-Windows-Servicing
Time Written: 20091001091936.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: benld-PC
Event Code: 1000
Message:
Record Number: 81
Source Name: Application Error
Time Written: 20091001083103.000000-000
Event Type: Error
User:

Computer Name: benld-PC
Event Code: 1534
Message:
Record Number: 36
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20091001075634.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: benld-PC
Event Code: 2
Message: Unable to remove Windows Search Service indexed data for user 'benld-PC\Administrator' in response to user profile deletion. Error code 0x80070015.

The device is not ready.
.
Record Number: 35
Source Name: Microsoft-Windows-Search-ProfileNotify
Time Written: 20091001075634.000000-000
Event Type: Error
User:

Computer Name: benld-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 31
Source Name: Microsoft-Windows-WMI
Time Written: 20091001075613.000000-000
Event Type: Error
User:

Computer Name: benld-PC
Event Code: 1008
Message:
Record Number: 23
Source Name: Microsoft-Windows-Search
Time Written: 20091001075603.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 26L2233B1-13
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: 26L2233B1-13$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x234
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091001075047.992071-000
Event Type: Audit Success
User:

Computer Name: 26L2233B1-13
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x58460
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091001075042.844038-000
Event Type: Audit Success
User:

Computer Name: 26L2233B1-13
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091001075041.518029-000
Event Type: Audit Success
User:

Computer Name: 26L2233B1-13
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091001075041.502429-000
Event Type: Audit Success
User:

Computer Name: 26L2233B1-13
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x1f2f0

Logon Type: 3

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080121025830.171200-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=1
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 127 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=7f02
"DFSTRACINGON"=FALSE
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

-----------------EOF-----------------


#5 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:12:28 AM

Posted 23 August 2010 - 12:19 PM

NOTE: If for some reason you are unable to complete a step(s), skip that step and continue with the rest of the steps. Please describe your problem with the step in your next reply.

Step 1

You may want to print this page. Make sure to work through the fixes in the order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Step 2

TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB). Before running, it will stop Explorer and all other running apps. When finished, if a reboot is required the user must reboot to finish clearing any in-use temp files.

TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail. TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
  1. Please download TFC by OldTimer to your desktop.
  2. Open the file and close any other windows.
  3. It will close all programs itself when run; make sure to let it run uninterrupted.
  4. Click the Start button to begin the process. The program should not take long to finish its job.
  5. After it is finished, it should reboot your machine, if not, do this yourself to ensure a complete clean.
Step 3

In normal mode, run an online antivirus check from at least two and preferably three of the following sites
BitDefender
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.
  1. Detects and removes malware ( viruses, worms, trojans, etc. )
  2. Detects and removes grayware and spyware
  3. Restores damage caused by malware to your system.
  4. Notifies about vulnerabilities in installed programs and connected network services.
  5. Multi-platform support for: Windows, Linux, Solaris.
  6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.
When you have completed the scans, if you get a report of files that can’t be cleaned / deleted, make a note of the file location of anything that cannot be deleted so you can delete it yourself. Please post that list in your next reply.

Step 4

Please download Spybot-S&D©® and install Spybot-S&D©® .
  1. Be sure to UNCHECK TeaTimer when presented with the option to install. You can enable it after you are clean.
  2. Run Spybot-S&D©® , go to the Menu Bar at the top choose Mode and make certain that "Default mode" has a check mark beside it.
  3. Click the button "Search for Updates".
  4. If any updates are found, install them by placing a check mark next to each one and clicking "Download Updates".
  5. If you encounter any error messages while downloading the updates, manually download them from here.
  6. Click on "Immunize". When it detects what has or has not been blocked, block all remaining items by clicking the green plus sign next to immunize at the top.
  7. Click the button "Check for Problems".
  8. When Spybot-S&D©® is complete, it will be showing RED entries, bold BLACK entries and GREEN entries in the window.
  9. Make certain there is a check mark beside all of the RED entries ONLY.
  10. Choose "Fix Selected Problems" and allow Spybot-S&D©® to fix the RED entries.
  11. REBOOT to complete the scan and clear memory.
Note: After Windows loads, Spybot-S&D©® may run again to clean some files that it could not clean during the prior session. Follow the same procedure.

Step 5

We need to disconnect your computer from the Internet. By doing this, it prevents any further Internet activity until the removal of malware is complete. You need to make it impossible for viruses, trojan horses, worms and spyware to call for backup once you start to dismantle them. They will continue to infect your computer with new variants while you are connected to the Internet. We also need to prevent hackers from controlling your system and they will try to prevent you from removing the pests they installed on your computer.

Close ALL browser windows (including this one). Exit all processes and items in your System tray.

According to how your computer connects to the Internet, please disconnect your computer from the Internet. Possible means of disconnecting your computer from the Internet include:
  • Physically remove the cable for your broadband Internet service “Always On” Connection from your computer.
  • Turn your modem off.
  • Disconnect your modem cable from your computer.
  • Turn the device off for Hand-held wireless connections.
  • Some laptops have a switch that will disconnect the laptop from the Internet.
Step 6

During the process of removing malware from your computer, there are times you may need to use specialized fix tools. Certain embedded files that are part of these specialized fix tools may be detected by your antivirus or anti-malware scanner as a RiskTool, Hacking tool, Potentially unwanted tool, a virus or a Trojan when that is not the case.
These tools have been carefully created and tested by security experts so if your antivirus or anti-malware program flags them as malware, then it is a False Positive. Antivirus scanners cannot distinguish between good and malicious use of such programs; therefore, they may alert you or even automatically remove them. In these cases, the removal of these files can have unpredictable results and unintentional results.
To avoid any problems while using a specialized fix tool, it is very important that you temporarily disable your antivirus and/or anti-malware programs before using the specialized fix tool.
When your system has been cleaned, it is important that you enable your security programs to avoid reinfection.
Please disable the following program(s):

SUPERAntiSpyware

We need to disable SUPERAntiSpyware as it may interfere with the fixes that we need to make.
  1. Right click on the icon in your System Tray.
  2. Click Exit
  3. Make sure that the program, SUPERAntiSpyware itself, is also closed/not running.
Step 7

Now we will address the HijackThis fixes.
  1. If you have not already done so, please download Trend Micro - HijackThis.
  2. Double click HJTInstall.exe to begin installation.
  3. Accept the installation location, which by default is C:\Program Files\Trend Micro\HijackThis or click the Browse... button if you want to save it in another location.
  4. Click Install.
  5. A shortcut will be created on your Desktop and HijackThis will run automatically.
  6. Click the button labeled Do a system scan only.
  7. Click the Scan button in the lower left hand corner of the interface and HijackThis will quickly scan your system.
  8. Click in the boxes to the left of the following entries to place check marks (make sure not to miss any):

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
    O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)

  9. Close all browsers and other windows except for HijackThis, and click Fix Checked to have HijackThis fix the entries you checked.
Step 8

Optional Fixes is the name that we use for fixes for unnecessary programs that load during startup and run in the background. These programs are not required to start automatically as you can start them manually if you need them. You would be removing the program from your startup but you would not be removing the program itself.

Your computer may be sluggish due to the many programs loading during startup and running in the background that are not necessary. Windows has a facility for starting programs at startup time. Some of these programs are required for your computer and the applications installed on it to run correctly. A good example of such a program is a virus-checking application that must always run, constantly checking for and isolating or removing files with viruses. Other such programs are not strictly required, or are optional. In some cases, you can gain significant performance enhancements by disabling the automatic startup of these programs. In many cases, the functionality offered by the programs is still available by starting the programs manually by, for example, starting the program from the Windows Start->Programs menu. Media players and instant messaging programs often fall into this category. In fact, it is common for many modern software applications, when installed, to add programs at startup that add items to the system tray or shortcut (context) menus in Windows Explorer to provide quick access to the features and functions of these applications. While they may be useful, they do increase boot time and consume system resources. It is advised that you disable these programs so that they do not take up necessary resources or slow the boot time.

Other than ScanRegistry, SystemTray, StateMgr, antivirus program entries, and firewall program entries, very few others need to load and run.

Read the articles below to see if it applies to your computer problem with being slow to respond.
Slow Computer/browser? Check Here First; It May Not Be Malware
What to do if your Computer is running slowly
Help! My computer is slow!
50 Tips for a Super Fast PC
4 Ways to Speed Up Your Computer's Performance
It's not always malware: How to fix the top 10 Internet Explorer issues

If you decide that you want to stop the Optional Fixes in your startup, let me know and I will give you a list with instructions. You would be removing the program from your startup but you would not be removing the program itself.

Step 9

Please download and scan with Dr.Web CureIt. Follow the instructions here for performing a scan in "Safe Mode" .
-- Post the log in your next reply.

Perform an anti-rootkit (ARK) scan with one of the following:
Before performing an ARK scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.
  1. Disconnect from the Internet or physically unplug your Internet cable connection.
  2. Clean out your temporary files.
  3. Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
  4. Temporarily disable your anti-virus and real-time anti-spyware protection.
  5. After starting the scan, do not use the computer until the scan has completed.
  6. When finished, enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.

Note: Not all hidden components detected by ARKs are malicious. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernal/SSDT in order to protect your system. You should not be alarmed if you see any hidden entries created by these software programs after performing a scan.

Step 10

Check to see if you have insecure applications with
Secunia Software Inspector. Secunia Software Inspector:
  1. Detects insecure versions of common/popular programs installed on your computer.
  2. Verifies that all Microsoft patches are applied.
  3. Assists you in updating, patching, and protecting your computer.
  4. Activates additional security features in Sun Java.
  5. Runs through your browser. No installation or download is required.
Step 11

Please run HijackThis in Normal Mode and post a new HijackThis log so I can make sure that all the malware was deleted according to plan.

Please post:
  1. the list of file names and locations for any files that cannot be cleaned / deleted that were reported after you completed the online scans.
  2. a new HijackThis log
Please advise me of any problems you still have.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#6 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:12:28 AM

Posted 23 August 2010 - 12:35 PM

The Pando Media Booster is a product that is powered by the Pando P2P Networking Engine.
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall PMB for the following reasons:
  1. As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
  2. Malware writers use these program to include malicious content.
    Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
  3. The 'sharing' also includes malware that the shared system has on it.
  4. Files that are illegal can be spread through file sharing. [/list
    Indicated in the HijackThis log by:

    O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program

    O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe

Edited by suebaby41, 23 August 2010 - 12:35 PM.

You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#7 benjola2

benjola2
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:28 PM

Posted 24 August 2010 - 05:03 PM

QUOTE(suebaby41 @ Aug 23 2010, 12:35 PM) View Post
The Pando Media Booster is a product that is powered by the Pando P2P Networking Engine.
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall PMB for the following reasons:
  1. As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
  2. Malware writers use these program to include malicious content.
    Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
  3. The 'sharing' also includes malware that the shared system has on it.
  4. Files that are illegal can be spread through file sharing. [/list
    Indicated in the HijackThis log by:

    O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program

    O4 - Startup: ViiKiiDesktopPlugin.lnk = C:\Program Files\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe

thank you for your help i will try this out and see if it helps thumbup.gif

#8 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:12:28 AM

Posted 27 August 2010 - 10:51 AM

Let me know how your computer is behaving. Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#9 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:12:28 AM

Posted 03 September 2010 - 07:31 AM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.

You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users